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(57) Abstract: An automated transaction machine 
such as an ATM (10) is provided. The ATM isoperative 
to digitally sign electronic documents (42). The ATM 
may be in operative connectionwith a storage server 
(32). The storage server is operative responsive to the 
ATM to maintainelectronic documents (42) in a data 
store (34) in association with the user's digital safe 
depositaccount (40) and/or a financial account (48) 
such as checking, savings, debit, or credit account. 
The storage server is further operative to store a 
private key (44) of a user in association with theuser's 
digital safe deposit account and/or financial account. 
The ATM is operative to causeelectronic documents 
to be signed using the private key associated with 
the user. The ATM isfurther operative to output the 
electronic document on a display device (18) of the 
ATM wherethe user may view and edit the electronic 
document. 
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(57) Abstract: An automated transaction 
machine such as an ATM (10) is provided. The 
ATM isoperative to digitally sign electronic 
documents (42). The ATM may be in operative 
connectionwith a storage server (32). The 
storage server is operative responsive to the 
ATM to maintainelectronic documents (42) 
in a data store (34) in association with the 
user's digital safe depositaccount (40) and/or a 
financial account (48) such as checking, savings, 
debit, or credit account. The storage server is 
further operative to store a private key (44) of 
a user in association with theuser's digital safe 
deposit account and/or financial account. The 
ATM is operative to causeelectronic documents 
to be signed using the private key associated 
with the user. The ATM isfurther operative to 
output the electronic document on a display 
device (18) of the ATM wherethe user may view 
and edit the electronic document. 
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AUTOMATED TRANSACTION MACHINE 
DIGITAL SIGNATURE SYSTEM AND METHOD 



TECHNICAL FIELD 
This invention relates to automated transaction machines. Specifically 
this invention relates to an automated transaction machine system and method 
that is capable of digitally signing electronic documents. 



BACKGROUND ART 

10 As an increasing number of individuals own or have access to personal 

computers, more and more individuals are generating electronic documents. 
Examples of electronic documents include electronically filed tax returns, 
contracts for goods or services ordered online through the internet, e-mail, 
word processing documents, or any other type of document that has a digital 

1 5 form. Some electronic documents are of a type that the individuals involved 
in generating, sending or receiving such documents might prefer to have the 
documents maintained as secure and confidential for long periods of time. 

Unfortunately, many personal computers have insecure configurations. 
With the increasing popularity of the Internet, many personal computers are 

20 vulnerable to being accessed remotely by hackers on the Internet. Further, 
many home personal computers are not configured with passwords and as a 
result anyone with physical access to the personal computer such as a friend, a 
child care giver, or a relative may accidently or intentionally gain access to 
sensitive electronic documents. Although cryptography software exists to 

25 encrypt private electronic documents, many individuals do not have the 

technical skill to install and configure encryption software correctly on their 
personal computers. Consequently, there exists a need for a system and 
method of protecting personal electronic documents which can be more easily 
used by individuals. 
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Electronic documents belonging to individuals are often stored on a 
hard drive of a personal computer. For example, consumer tax software 
typically generates electronic tax return documents which are stored on a hard 
drive. Word processors often store electronic document files in a common 
5 directory on a hard drive. E-mail received by and sent from a personal 
computer is also often stored on a hard drive. Unfortunately, over time 
personal computers may encounter software and/or hardware problems which 
destroy computer files stored on a hard drive. Unless the individual 
proactively and regularly performs backups of computer files located on the 

1 0 hard drive of their personal computer, important, difficult to replace, personal 
electronic documents may be lost due to a hardware or software problem. 
Even if the documents are backed-up on removable media such as a tape, 
portable disk or CD, the portable media itself may become corrupted, 
unreadable, obsolete, or lost. As a result, there exists a need for a system and 

1 5 method of storing important personal electronic documents which can preserve 
the integrity of the documents for long periods of time. 

With the enactment of electronic signature laws at the state and federal 
levels, individuals are likely to encounter more opportunities to generate and 
electronically sign electronic documents. Many electronic signature systems 

20 use public key encryption methods to generate and validate electronic 

signatures. When signing an electronic document an individual uses a secret 
private key to generate a digital signature for the electronic document. Such a 
private key is generally associated with a public key. Another party may use 
the public key to authenticate the electronic document and digital signature. 

25 Such public keys are often distributed as part of a digital certificate which is 
digitally signed by a trusted third party certificate authority. 

Although the digital certificate and public key may be publicly 
disclosed to the world, the private key must remain a secret to prevent 
forgeries. When a person wishes to digitally sign a document, the user must 

30 employ a computer program which has access to the private key. As with 
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encryption software, many individuals do not have the technical skill to 
successfully install and use digital signature programs on their personal 
computers. Consequently there exists a need for a system and method of 
digitally signing electronic documents which can be easily employed by 
individuals. 

In general, when a digital signature program belongs to a person using 
the program, that person may have reasonable assurance that the person's 
private key will be kept a secret by the program. In addition the person has 
reasonable assurance that the electronic document being signed corresponds to 
the electronic document that was read and reviewed by the person. 
Unfortunately, if the digital signing program belongs to an untrusted party, the 
individual has very little assurance that a private key inputted by the individual 
will remain a secret and/or that the electronic document that was read and 
reviewed by the individual is the actual document being digitally signed. As a 
result there exists a need for a system and method of protecting the 
confidentiality of private keys used to digitally sign electronic documents. 
There also exists a need to provide a system and method of digitally signing 
electronic documents which provides additional assurance to individuals that 
the process is a safe substitute for signing paper documents. 

DISCLOSURE OF INVENTION 

It is an object of an exemplary form of the present invention to provide 
a system and method which can be easily employed by individuals for 
protecting electronic documents. 

It is a further object of an exemplary form of the present invention to 
provide a system and method of storing electronic documents which can 
preserve the integrity and confidentiality of the electronic documents for long 
periods of time. 

It is a further object of an exemplary form of the present invention to 
provide a system and method which can be easily employed by individuals for 
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digitally signing electronic documents. 

It is a further object of an exemplary form of the present invention to 
provide a system and method of protecting the confidentiality of private keys 
used to digitally sign electronic documents. 
5 It is a further obj ect of an exemplary form of the present invention to 

provide a system and method of digitally signing electronic documents which 
provides further assurance to individuals that digital signing of electronic 
documents is a safe substitute for signing paper documents. 

Further objects of exemplary forms of the present invention will be 

1 0 made apparent in the following Best Modes for Carrying Out Invention and 
the appended claims. 

The foregoing objects may be accomplished in an exemplary 
embodiment by a system and method of storing and digitally signing electronic 
documents with automated transaction machines. An example of an 

1 5 automated transaction machine which may be used by individuals or users 

with exemplary embodiments includes an automated teller machine ("ATM"). 
ATMs enable customers to carry out banking transactions. Common banking 
transactions that may be carried out with ATMs include the dispensing of 
cash, the receipt of deposits, the transfer of funds between accounts, the 

20 payment of bills and account balance mquiries. The type of banking 

transactions a customer can carry out are determined by the capabilities of the 
particular machine and the programming of the institution operating the 
machine. Other types of automated transaction machines may allow customers 
to charge against accounts or to transfer funds. Other types of automated 

25 transaction machines may print or dispense items of value such as coupons, 
tickets, wagering slips, vouchers, checks, food stamps, money orders, scrip or 
travelers checks. For purposes of this disclosure references to an ATM, an 
automated transaction machine, or an automated banking machine shall 
encompass any device which carries out transactions including transfers of 

30 value. 
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An exemplary embodiment of the ATM may include at least one 
output device such as a display screen, audio system, and printer. The ATM 
may also include at least one input device such as a touch screen, function 
keys, keypad, keyboard, and/or card reader. The ATM may further include 
5 devices such as a dispenser mechanism for sheets of currency, a receipt printer 
mechanism, a card reader/writer, a depository mechanism and other 
transaction function devices that are used by the machine in carrying out 
transactions including transfers of value. 

The ATM may include or be in operative connection with at least one 

10 computer. The computer may be in operative connection with the output 

devices and the input devices, as well as with the transaction function devices 
in the machine. The computer may include software components and 
programs that are executed therein. In an exemplary embodiment, at least one 
software component may be operative to cause the computer to provide a user 

1 5 interface through the display device or other output device of the machine, 
which enables users to store and retrieve electronic documents from a digital 
safe deposit box or account associated with the user. In one exemplary 
embodiment a digital safe deposit account includes an amount of file storage 
space maintained by a storage server in operative connection with the ATM. 

20 The exemplary ATM is operative to communicate with the storage server and 
cause the storage server to maintain electronic documents which are stored in 
association with the user's digital safe deposit account, hi one exemplary 
embodiment, the ATM is operative to have the storage server store, retrieve, 
copy, and delete electronic documents stored in the user's digital safe deposit 

25 account. In addition the exemplary storage server is configured with operative 
hardware, software, and backup technology to preserve the integrity of the 
electronic files for long periods of time. Exemplary embodiments of the 
storage server are also operative to encrypt the electronic documents such that 
only authorized individuals may access the electronic documents. 
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Exemplary embodiments of the ATM may enable a user to retrieve an 
electronic document from an external source and store the retrieved document 
in the user's digital safe deposit account. External sources for example may 
include a portable storage medium such as a CD, a portable computing device 
5 such as a mobile phone, and/or a network accessible storage location. In 
exemplary embodiments, the ATM includes a portable storage medium 
reading device that is operative to read electronic documents from a portable 
storage medium. Examples of portable storage medium reading devices for 
use with exemplary embodiments include portable hard drive readers such as 
1 0 an Iomega Jaz® drive; magneto optical drives such as an Iomega Zip® drive; 
flash memory drives for writing to flash memory devices such as 
CompactFlash and Sony Memory Stick®; PC Cards Interfaces; CD drives, 
DVD drives; Mini-CD drives; smart cards; floppy disk drives; and digital tape 
drives. 

1 5 The exemplary ATM may further enable users to view and/or listen to 

the contents of electronic documents through an output device of the machine. 
The exemplary ATM for example, may include document output software 
components which may be operative to cause the computer of the ATM to 
output corresponding visual representations of the electronic documents 

20 through a display device of the ATM. Examples of document output software 
components which may be operatively used with exemplary embodiments 
include an Adobe® PDF viewer, HTML or XML browser, a word processor, 
or any other software application which is operative to read or access an 
electronic document and output a visual representation of the accessed 

25 electronic document. The exemplary ATM may further include document 
output software components that are operative to output audible 
representations of the electronic documents through an audio device of the 
ATM. For example, electronic documents may include text which is both 
displayed through a display screen and converted into audible speech which is 

30 outputted through speakers of the ATM. Also, the ATM may further be 
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operative to print a visual representation of the electronic document through a 
printer device. 

In an alterative exemplary embodiment, users may have access to 
electronic documents stored in the digital safe deposit account through a 
5 public network such as the Internet. In one exemplary embodiment, the 

present invention may enable users to choose to add Internet access to their 
digital safe deposit account in addition to ATM access to their digital safe 
deposit account. Users may or may not enable Internet access depending on 
the sensitivity and type of electronic documents stored in the digital safe 

10 deposit account. 

An exemplary ATM may be operative to digitally sign electronic 
documents. In one exemplary embodiment, the ATM may include digital 
signature software components which are operative to sign electronic 
documents using public key cryptography algorithms and protocols, or other 

1 5 digital signature algorithm and protocol. For example, the exemplary digital 
signature software may be operative to sign electronic documents using a 
private key associated with the user. In one exemplary embodiment the 
private key may be stored by a storage server in association with a digital safe 
deposit account of the user. After authenticating the user, the exemplary ATM 

20 may be operative to cause an electronic document to be digitally signed using 
the private key securely stored by the storage server. Once an electronic 
document has been caused to be signed by the exemplary ATM, the ATM may 
be operative to send the signed electronic document to a location of the user's 
choosing such as the digital safe deposit account associated with the user or an 

25 external source such as a portable storage medium, portable computing device 
and/or network accessible storage location. 

In some exemplary embodiments, the exemplary ATM may be 
operative to sign electronic documents with a private key of a user that is 
stored on an external source such as a portable computing device. For 

30 example, the private key of the user may be securely stored on a smart card. 
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An exemplary embodiment of the ATM may include a smart card reader 
which is operative to communicate with the smart card for purposes of signing 
an electronic document 

The exemplary storage server or an external source such as a smart 
5 card, may require a password or biometric data from the ATM prior to 

enabling a digital signature to be generated using the private key of the user. 
The exemplary ATM may include input devices such as a keypad or a 
biometric reading device which a user may use to input a required password 
such as a PIN, or biometric data. 

10 In one exemplary embodiment, the ATM may be operative to retrieve 

the private key from the storage server or an external device for purposes of 
generating the digital signature with the ATM. In some exemplary 
embodiments, the system may be configured such that the ATM does not 
require that the private key be retrieved by the ATM. In this exemplary 

1 5 embodiment, the ATM is operative to generate a one-way hash of the 
electronic document such as a message digest, cryptographic checksum, 
message integrity check, or manipulation detection code. The one-way hash 
may then be forwarded to the storage server, smart card, or other secure 
external source which has secure access to the private key. The storage server, 

20 smart card, or other secure external source may then generate a digital 

signature responsive to the one-way hash, private key and the appropriate 
encryption or digital signature algorithm. The storage server, smart card, or 
other secure external source may then return the digital signature to the ATM. 
The ATM may then attach the digital signature to the electronic document 

25 prior to storage in the digital safe deposit account or prior to sending the 
electronic document to an external source. 

hi an exemplary embodiment, the ATM may forward the electronic 
document to the storage server, smart card, or other external source. In this 
embodiment the storage server, smart card, or other external source is 

30 operative to generate the digest and the corresponding digital signature from 
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the received electronic document and then forward the digital signature and/or 
electronic document back to the ATM. It is to be understood that exemplary 
embodiments encompass the use of any digital signature algorithm and key 
management system which is operative to enable an ATM to securely sign 
5 electronic documents. Examples of cryptographic algorithms which may be 
used with the present exemplary invention include RSA and DSA. 

In some exemplary embodiments, the digital safe deposit account 
and/or a user's private key may be associated with a banking or other financial 
account of the user such as a checking account, savings account, debit account 

10 and/or credit account. A user may access the digital safe deposit account 

and/or digital signature features of the exemplary ATM by inserting an ATM 
card, bank card, credit card, or any other card which is associated with the 
user's financial account. After a user inputs a corresponding password such as 
a PIN or biometric information into an input device of the ATM, the 

15 exemplary ATM may be operative to enable the user to select transaction 

functions of the ATM such as the dispensing of cash, transfers, deposits, bill 
payment, and balance inquiry. In addition the exemplary ATM may be 
operative to enable the user to display and digitally sign electronic documents 
with a private key associated with the user's financial account. Further, the 

20 exemplary ATM may be operative to enable the user to access and maintain 
electronic documents stored in a digital safe deposit account which is 
associated with the user's financial account. 

In embodiments where a user's digital safe deposit account and/or 
private key is not associated with a financial account card, a user may be 

25 issued a digital safe deposit account card with machine readable indica thereon 
which corresponds to the user's digital safe deposit account. ATMs of 
exemplary embodiments may be operative to enable a user to access his/her 
digital safe deposit account and sign electronic documents responsive to 
reading the machine readable indicia from the digital safe deposit account 

30 card. 



WO 02/073341 



PCT/US02/06826 



10 

In addition, the exemplary ATM may be operative to enable a user to 
generate private and public keys for digitally signing electronic documents. 
Also, the exemplary ATM may be operative to enable a user to acquire and/or 
purchase a digital certificate such as an X.509 certificate using the ATM. The 
5 exemplary ATM may be in operative connection with a certificate authority 
and may be operative to send the certificate authority sufficient information to 
enable the certificate authority to generate and issue the certificate to the user. 
Such digital certificates may be used to authenticate the user's digital signature 
created using the exemplary ATM. The exemplary ATM may be operative to 

1 0 store the digital certificate in the user's digital safe deposit account and/or in 
association with the user's financial account. As with other electronic 
documents, the exemplary ATM may be operative to send the digital 
certificate to an external source of the user's choosing. When signing an 
electronic document, the exemplary ATM maybe operative to associate the 

1 5 digital certificate with the signed electronic document. Other parties may use 
the digital certificate to authenticate the digital signature of the electronic 
document. In this described exemplary embodiment, the ATM may be 
operative to cause the costs associated with purchasing a digital certificate to 
be charged against the financial account of the user or another party. If the 

20 user already has a digital signature, an exemplary embodiment may be 

operative to retrieve the digital certificate from an external source selected by 
the user. The exemplary ATM may be operative to associate a retrieved 
digital certificate with electronic documents being signed by the ATM. The 
exemplary ATM may further be operative to have the exemplary storage server 

25 store the retrieved digital certificate in the digital safe deposit account of the 
user and/or in association with a financial account of the user. 

As discussed previously, the exemplary ATM may be operative to read 
the electronic document and output through a display device of the ATM a 
visual representation of the electronic document. In addition, the exemplary 

30 ATM may further be operative to enable a user to input through an input 



WO 02/073341 



PCT/US02/06826 



11 

device of the ATM, information into the electronic document. For example, 
an electronic document such as a contract may include fields for entering the 
names of the contracting parties, a description of the goods, and an amount of 
consideration being paid for the goods. The exemplary ATM may be 
5 operative to enable a user to input or select text, numbers, and other 

information for incorporation into the electronic document prior to signing the 
document. In addition exemplary embodiments of the ATM may be operative 
to access a data store of user information. Such a data store may be used to 
retrieve information for automatically populating input fields of an electronic 
1 0 document being viewed and edited by the ATM. 

BRIEF DESCRIPTION OF DRAWINGS 
Figure 1 is a schematic view representative of a first exemplary 
embodiment of an ATM. 
1 5 Figure 2 is a schematic view representative of an exemplary 

embodiment of a system for storing and digitally signing electronic documents 
with an ATM. 

Figures 3-8 are schematic views representative of exemplary 
embodiments of user interface screens of an ATM. 
20 Figures 9-14 are schematic views representative of exemplary 

embodiments of ATM systems for digitally signing documents. 

Figure 15 shows a schematic view of a document signing system of a 
further exemplary embodiment. 

Figure 16 shows a top plan view of an exemplary embodiment of a 
25 portable machine that is operative to digitally sign electronic documents. 

Figure 17 shows steps for an exemplary embodiment of a method for 
signing electronic documents. 

Figure 18 shows a schematic view of a document signing system of a 
further exemplary embodiment. 



30 
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Figure 19 shows an exemplary embodiment of a user interface screen 
of an ATM. 

BEST MODES FOR CARRYING OUT INVENTION 
5 Referring now to the drawings and particularly to Figure 1 , there is 

shown therein a schematic view of an exemplary automated transaction 
machine, ATM 10 of an exemplary embodiment. The ATM 10 may include at 
least one computer processor 12 and a plurality of software components 11. 
The computer processor 12 may be operative responsive to the software 

1 0 components 1 1 to control the operation of the ATM. In the exemplary 

embodiment the computer processor 12 may be operatively programmed to 
enable the ATM to perform at least one of the following functions: at least one 
banking transaction such as the dispensing of cash; the storage and retrieval of 
electronic documents; and/or the digital signing of electronic documents. 

1 5 To perform these functions the ATM may further include in operative 

connection with the computer processor 12, at least one output device 14 such 
as a display device 18, at least one input device 16, and a card reader 20 which 
also serves as an input device. In some embodiments, the ATM may also 
include in operative connection with the computer processor 12, one or more 

20 transaction function devices. Transaction function devices may include for 
example a cash dispenser 24, a depositor 22, a receipt printer 25 and other 
devices. The ATM 10 may further be operative to communicate with at least 
one financial transaction processing computer or system which is operative to 
carry out financial transfers and authorizations, which in this example is host 

25 banking system 30. ATM 1 0 also may be enabled to communicate with at 
least one storage server 32. In the exemplary embodiment the storage server 
32 may be in operative communication with at least one data store 34. Also in 
an exemplary embodiment, the ATM 10 may be operative to communicate 
with the at least one storage server 32 through communication with the host 

30 banking system 30. 
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In one exemplary embodiment the storage server maybe responsive to 
a plurality of ATMs 10 to securely store and maintain a plurality of electronic 
documents 42 in digital safe deposit boxes or accounts 40. Such digital safe 
deposit accounts may correspond to individual file storage locations on the 
5 data store 34. The electronic documents 42 may include for example digital 
representations of physical documents, word processing documents, HTML 
files, XML files, other markup language documents, Acrobat® PDF files, 
spreadsheet files, digital certificates, image files, sound files, audio visual 
files, source code files, application specific storage files, electronic voting 

10 ballets, or any other type of digital file which is operative to store information 
in a computer readable format. A user may establish one or more digital safe 
deposit accounts 40 and use an ATM 10 to store and maintain electronic 
documents 42 in association with his/her digital safe deposit account. 

The exemplary embodiment of ATM 10 maybe operative to display 

1 5 the viewable contents of an electronic document on the display device 1 8 and 
enable a user to digitally sign the electronic document. In many digital 
signature algorithms, the signer must use secret information such as a private 
key to generate the digital signature. In one exemplary embodiment, a user's 
private key 44, may be stored in a user's digital safe deposit account or stored 

20 in association with a user's digital safe deposit account 40. In exemplary 

embodiments, a user's private key 44 may further be stored in association with 
a user's financial account such as a credit card account, debit card account, 
checking account, savings account or any other financial account of the user. 
In addition, as will be further discussed below, exemplary embodiments of the 

25 ATM 1 0 and/or storage server 32 may be operative to digitally sign electronic 
documents using the private key 44 associated with the user's digital safe 
deposit account 40 and/or a financial account. 

It should be understood that the ATM 10 is an exemplary embodiment 
and in other embodiments automated transaction machines may include other 

30 or additional devices and may operate in other types of systems. For example, 
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embodiments may include in operative connection with the computer 
processor 12, a data store including a storage device drive 26, and a 
communication port 28 which serves as an input/output device. The storage 
device drive 26 serves as a data store and enables the computer processor to 
5 read and/or write electronic documents to an external source 56 such as 
portable storage medium 36. The communication port 28 enables the 
computer processor to read and/or write electronic documents to external 
sources 56 such as a portable computing device 38 or a network accessible 
storage location 58. 

1 0 Figure 2 schematically shows an exemplary embodiment of the ATM 

10 that maybe operative to store and maintain electronic documents 42 in a 
digital safe deposit account 40. The exemplary embodiment of the ATM 10 
may include a display device 1 8 such as a CRT monitor or LCD display. The 
display device may be operative responsive to the computer processor to 

1 5 output user interface indicia 46. The user interface indicia may include 

instructional outputs for operating the ATM as well as content indicia which 
are representative of lists of electronic documents that may be accessed by the 
ATM 10 or portions of an electronic document which are operative to be 
viewed on the display device 18. Some exemplary embodiments may further 

20 include other output devices 14 such as a sound system 19 that is operative to 
output audio content that corresponds to an electronic document. For example 
when an electronic document includes audio information such as an MP3 file, 
an ATM 1 0 may be operatively programmed to cause the sound system to 
output sound in response to the MP3 file, m addition, if the electronic 

25 document includes language information such as text, an exemplary 

embodiment may include a speech synthesizer device or software that is 
operative to read the language information to a user by outputting spoken 
words through the sound system of the ATM 10. 

The exemplary embodiment of the ATM 10 may also include at least 

30 one input device 16 such as a keypad 50 or selection buttons 52. The input 
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device(s) such as a keypad 50 and selection buttons 52 may enable users to 
enter operational inputs such as a personal identification number (PIN) 
corresponding to an account, an amount of cash to withdraw, or a selection of 
a particular electronic document to view, store and/or digitally sign. Some 
5 exemplary embodiments of the ATM 1 0 may further include a biometric 
reading input device 54 such as a fingerprint reader, iris scanner, retina 
scanner, voice recognition device, facial recognition reader or other device 
which is operative to enable a user to input user identifying biometric 
information. Such identifying biometric information may be used by an 

1 0 exemplary embodiment of the ATM 1 0 to further authenticate a user prior to 
enabling the user to perform transaction functions, access a digital safe deposit 
account, and/or digitally sign an electronic document. 

In exemplary embodiments, the ATM may include other or additional 
types of input devices for entering information, such as a touch screen device, 

15 a speech recognition system, a track ball, and/or a digitizing signature pad 53. 
The digitizing signature pad 53 is operative to produce a digital representation 
or scan of a handwritten signature drawn on the pad 53 with a pen or an 
inkless stylus 55. Such a digitized scan of the handwritten signature may be 
captured by the ATM 10 and integrated into electronic documents that are 

20 digitally signed by the ATM. 

As discussed previously, the ATM 10 may include a card reader 20. 
The card reader 20 may be operative to read indicia corresponding to account 
information or other information from a user's card. The card may be a bank 
card, credit card, debit card, gas card, merchant card, smart card, or other 

25 medium that is operative to store account data and/or other information which 
may be used to identify a user or their accounts. Such account data may 
include an account number of a checking, savings, debit, credit, or other 
banking or financial account. Such account data may further include data 
representative of a digital safe deposit account of the user. 
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lii one exemplary embodiment, a digital safe deposit account, a private 
key 44, and/or a digital certificate 45 may be associated with a financial 
account 48 of the user. When the user uses the exemplary ATM 10 with a 
card associated with the financial account 48, the exemplary ATM may be 
5 operative to automatically provide the user with access to the user's associated 
digital safe deposit account 40, private key 44, and/or digital certificate. For 
example, when a user inserts a credit or debit card in the card reader 20, the 
exemplary ATM may be operative to read the credit or debit account number 
from the card. This number maybe used by the ATM to access the financial 

1 0 account through communication with the host banking system 30. In one 

exemplary embodiment, the private key of the user may be directly associated 
with the financial account of the user and the ATM is operative through 
communication with the host banking system to cause an electronic document 
to be digitally signed responsive to the private key associated with the 

15 financial account. In some embodiments, the user's digital safe deposit 
account 40 may be associated with the user's financial account 48 and the 
ATM may be operative to receive access to the digital safe deposit account 40 
through communication with the host banking system. 

An exemplary embodiment of the ATM 1 0 may be operative to 

20 dispense a selected amount of cash to the user from the cash dispenser 24, and 
to debit a banking or financial account through communication with a 
financial transaction computer such as the host banking system 30. The 
exemplary ATM 10 may be configured to debit user fees from a financial 
account of the user for storing, viewing, and digitally signing electronic 

25 documents with the ATM. The ATM may further be configured to debit user 
fees from a financial account of a further party or entity which may be 
associated with the electronic document being viewed, stored, and/or digitally 
signed by the ATM. 

The exemplary embodiment of the ATM 10 may include a storage 

30 device drive 26 such as a CD drive which is operative to accept a portable 
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storage medium 36 such as a read-only, write-once or rewriteable CD. The 
exemplary embodiment of the ATM 10 is operative to cause the storage device 
drive 26 to read electronic documents from the portable storage medium 36. 
The read electronic documents may be viewed on the display screen 18 of the 
5 ATM 10 and/or transferred to a digital safe deposit account 40. In addition the 
exemplary ATM may further be operative to retrieve electronic documents 
stored in the digital safe deposit account 40, view them on the display device 
18 and/or cause the storage device drive 26 to record the electronic document 
to the portable storage medium 36. Examples of other types of storage device 
10 drives that may be used with embodiments include portable hard drive readers 
such as an Iomega Jaz® drive; magneto optical drives such as an Iomega Zip® 
drive; flash memory drives for writing to flash memory devices such as 
CompactFlash and Sony Memory Stick®; DVD drives, Mini-CD drives, and 
digital tape drives. 

1 5 Some embodiments may include one or more communication ports 28 

that are operative to retrieve and record electronic documents to a portable 
computing device such as a mobile phone 38 or a network accessible storage 
location 58 associated with a customer selected or inputted URL, e-mail 
address, or other network address. Examples of suitable communication ports 

20 18 may include a Universal Serial Bus (USB) port, a serial RS-232 port, 

parallel port, an infrared (IR) port, a radio frequency (RF) port such as 
Bluetooth, an IEEE- 13 94 port, or a network port such as a wired Ethernet or 
wireless Ethernet (IEEE-802. 1 lx) connection. Examples of other types of 
portable computing devices that maybe accessed with embodiments of the 

25 ATM 1 0 include a portable computer such as a notebook computer and a 
personal digital assistant (PDA). 

The exemplary embodiment of the ATM 10 may further include a 
fascia 59 through which the one or more of the input devices, display devices, 
and transaction function devices are accessible to a user. The ATM 10 may 

30 further include a visible indicia 57 adjacent the fascia 59 of the ATM, visible 
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on the display screen or otherwise communicated to a user of the machine. 
The visible indicia 57 may include a logo, design, or text that serves as a 
source indicator mark for a digital signature service or network. Such a mark 
may correspond to a service mark of the entity that operates the servers, data 
5 stores, host systems, and/or network through which the ATM 10 

communicates to produce electronic signatures for an electronic document 
displayed by the ATM 10. Such indicia may be visually similar to indicia on a 
card of the user, so that the user can quickly determine that the ATM is 
capable of digitally signing documents using the card of the user. Such indicia 

1 0 may also serve to confirm to the user that the ATM is associated with a third 
party and independent digital signature service or network that can be trusted 
to accurately display the electronic document and to securely digitally sign the 
electronic document for the user. 

Figures 3-8 show examples of user interface screens of an exemplary 

1 5 embodiment of the ATM 1 0. Figure 3 shows an example of a user interface 
screen 100 which ATM 10 maybe operative to cause to be output through the 
display device 18. In one exemplary embodiment user interface screen 100 
may be displayed after a user activates the ATM 10 by placing a card into card 
reader 20 and inputting a PIN into the keypad 50. User interface screen 1 00 

20 may include a plurality of user selectable functions 102 which include the 
option of withdrawing cash 104 from the cash dispenser 24; the option of 
depositing a check 106 with the depositor 22; the option of transferring value 
between accounts 108; and the option of viewing an electronic document 110 
with display device 18. Each of these selectable functions 102 maybe 

25 adj acent a different selection button 52, which when pressed are operative to 
cause the ATM 10 to proceed with the corresponding function 102. 

In one exemplary embodiment, when a user selects the option to view 
an electronic document 110, the exemplary ATM 10 may be operative to 
cause the user interface screen 120 shown in Figure 4 to be output through the 

30 display device 1 8. Here the user interface screen 120 may include a plurality 
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of selection functions 122 which correspond to different sources for retrieving 
electronic documents to view. In the presently described example, selection 
functions 122 may include the option to select electronic documents from a 
digital safe deposit account 124; the options 126-130 for selecting electronic 
5 documents from the external sources of a zip disk, local network which may 
include portable computing devices such as the user's PDA, and a secure 
internet/intranet site. 

In response to a user selecting one of these electronic document 
sources, an exemplary embodiment of ATM 10 maybe operative to cause the 

10 output of the user interface screen 140 shown in Figure 5. The user interface 
screen 140 may include a listing of electronic documents 142 that the ATM 10 
has determined are present at the electronic document source selected with 
user interface screen 120. In response to a user selecting one of the listed 
electronic documents 142, an exemplary embodiment of the ATM 10 maybe 

1 5 operative to cause the selected electronic document to be viewed through the 
display screen 18. Figure 6 is representative of an example of a user interface 
screen 160 which includes indicia representative of a selected automobile loan 
electronic document 162. 

Exemplary embodiments of the ATM 10 may further include 

20 functionality for enabling the user to edit the displayed electronic document 
162. For example in one exemplary embodiment, the ATM 10 may include 
software components for displaying through the output device 18 electronic 
documents which include HTML, DHTML, XML, Active X, .Net objects, 
plugins, Java script, and/or Java applets associated with the electronic 

25 document. Such features may generate input or selection fields on the display 
device, which can be completed or modified by operating the input devices of 
the ATM 10. 

To further aid a user with the completion of fields in an electronic 
document, an exemplary ATM may ftirther be operative to retrieve relevant 
30 information for completing input fields of an electronic document from a data 
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store of stored user information. The stored user information may be 
associated with the user's financial account and/or digital safe deposit account. 
The exemplary ATM may use the stored user information to automatically 
complete input fields of an electronic document. For example, the electronic 
5 document may include an input field labeled "ship_to_address." The stored 

user information may include address information which is associated with the 
description "shipJo_address." The exemplary ATM maybe operative to 
retrieve matching user information from the data store and insert the matching 
user information in the input fields of the electronic document. When the user 

1 0 manually inputs information into an electronic document, exemplary 

embodiments of the ATM may further be operative to store the inputted 
information in the digital safe deposit account or other data store for later use 
with completing similarly labeled fields. 

Once a user has completed reviewing and/or editing an electronic 

15 document, the exemplary embodiment of the ATM 10 may be operative to 
display a further user interface screen 170 as shown in Figure 7. User 
interface screen 170 may include a plurality of selectable functions 172 
including the option to review the electronic document 174; the option to 
digitally sign the electronic document 176; the option to send the electronic 

20 document to another location 178; and the option of deleting the electronic 

document 180. In the described embodiment of ATM 10, the option to delete 
an electronic document 180 may be generally available when viewing an 
electronic document located in the user's digital safe deposit account. 

When a user selects the option to digitally sign an electronic document 

25 176, the exemplary embodiment of the ATM 10 may be operative to have a 

digital signature generated and attached to either the original or a copy of the 
electronic document. Exemplary embodiments may be operatively 
programmed to generate a digital signature using any digital signature 
algorithm and protocol. Examples of digital signature cryptography 

30 algorithms available for use with the present invention may include RSA and 
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DSA. In the exemplary embodiment an electronic document may be signed 
using a private key associated with the user. The digital signature may be 
verified at a later time by using a public key of the user which corresponds to 
the private key. Such a public key may be retrieved from a digital certificate 
5 of the user, m exemplary embodiments, the ATM may be operative to cause 
the digital certificate associated with the user to be attached to the electronic 
document when the electronic document is digitally signed. Also the ATM 
may be operative to cause the digital certificate associated with the certificate 
authority that signed the user's digital certificate to be attached to the 

10 electronic document. 

For a digital signature to correspond to a legally binding signature of 
the user, the user may need to show his/her manifestation of intent to use a 
digital signature as a legally binding electronic signature. As a result, 
exemplary embodiments of the ATM 10 may provide additional user interface 

1 5 screens which require a user to affirmatively show such a manifestation of 

intent to create a legally binding electronic signature. For example, as shown 
in Figure 19, the ATM may output a user interface screen 1 82 which prompts 
the user to make an affirmative confirming input with an input device, that 
represents the intent of the user to create a legally binding electronic signature. 

20 Some exemplary embodiments of the ATM 1 0 may cause a declaration 

to be attached to the electronic document that includes a statement that the 
user has affirmatively shown his intent to create a legally binding electronic 
signature with the generation of the digital signature. The ATM 10 may 
further cause such a statement and/or the entire electronic document to be 

25 digitally signed or digitally notarized by a further entity which affirms that the 
user provided an input to the ATM which represents the user's intent to create 
a legally binding electronic signature. The declaration and/or the electronic 
document may also be associated with a digital time stamp representative of 
the time the intent of the user was shown and/or when the digital signature was 
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created. Such a digital time stamp may be obtained by the ATM 
communicating with a digital time stamping server. 

In some exemplary embodiments, the ATM 10 may prompt the user to 
hand write his/her signature on a digitizing signature pad. The ATM 10 may 
5 generate a digitized representation or scan of the handwritten signature in the 
form of a bitmap or vector drawing. The digitized representation of the 
written signature may then be incorporated into the electronic document by the 
ATM. A displayed or printed view of the electronic document may then 
include a visual representation of the customer's written signature. 

10 When a user selects the option of sending an electronic document to 

another location 178, one exemplary embodiment of the ATM 10 may be 
operative to generate the user interface screen 190 as shown in Figure 8. User 
interface screen 190 may include a plurahty of selection functions which 
correspond to different locations 192 to send a copy of the original or signed 

15 electronic document. In the presently described example, the selection 

functions 192 may include the option to send the electronic document to the 
digital safe deposit account 194, the options 196-200 to send the electronic 
document to the external sources of a zip disk, local network, and a secure 
internet/intranet site. 

20 In one exemplary embodiment, the digital safe deposit account is 

associated with the private key of the user. In such embodiments the 
exemplary ATM 10 may include further user interface screens which enable a 
user to generate a private and public key set which may be associated with 
and/or stored in the user's digital safe deposit account. The private key may be 

25 used by the exemplary embodiment to sign electronic documents for the user. 

Referring back to Figure 1, exemplary embodiments of the ATM 10 
may further be in operative connection with a certificate authority 60. The 
exemplary ATM 10 may be operative to communicate with a certificate 
authority for purposes of creating a digital certificate such as an X.509 

3 0 certificate which may be attached to the electronic document for purposes of 
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authenticating the digital signature created by a user. The exemplary ATM 10 
may be operative to send the certificate authority information which identifies 
the user and a copy of the user's public key. In response, the certificate 
authority may be operative to generate and return a signed digital certificate 
5 which includes the identifying information and the user's public key. The 

digital certificate may then be attached to the electronic document by the ATM 
10, stored in association with or in the user's digital safe deposit account 
and/or sent to an external source selected by the user. The ATM 10 may also 
receive a copy of the digital certificate associated with the certificate authority 

1 0 that issued and signed the user's digital certificate. Such a digital certificate of 
the certificate authority may also be attached to the electronic document, 
stored in association with or in the user's digital safe deposit account and/or 
sent to an external source selected by the user. 

Figures 9-14 are schematic views of a plurality of different 

1 5 embodiments. Figure 9 shows an exemplary embodiment of an ATM 3 00 that 
may be operative to communicate with one exemplary embodiment of a 
storage server 302. Here the storage server may be operative to securely store 
private keys 304 associated with a plurality of different users. The exemplary 
private keys may be stored in association with digital safe deposit accounts 

20 and/or financial accounts such as a checking or savings account, hi this 

described embodiment the ATM 300 may be operative to send an electronic 
document 306 associated with a user using the ATM 300 to the storage server 
302. The storage server includes digital signature software 308 which may be 
operative to generate a digital signature 3 10 for the electronic document 306 

25 using the private key 304 associated with the user. The storage server may 
then attach the digital signature to the electronic document and return the 
signed electronic document to the ATM 300 or the storage server may only 
send the digital signature 3 10 to the ATM 300. The exemplary ATM 300 may 
then attach the digital signature 310 to the electronic document 306 and 
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forward the signed electronic document to a selected destination location 
chosen by the user. 

In the exemplary embodiment, the digital signature software may 
include the RSA algorithm. However in some exemplary embodiments, the 
5 digital signature software may include other or additional digital signature 

software/hardware. In embodiments where the server includes more than one 
type of digital signature software/hardware, the exemplary ATM 300 maybe 
operatively programmed to enable users to select the type of digital signature 
they would like the ATM to generate for the electronic document. 

1 0 Figure 1 0 shows an exemplary embodiment of an ATM 320 that may 

be operative to communicate with an exemplary embodiment of a storage 
server 322. Here the storage server 322 may also be operative to securely 
store private keys 324 associated with a plurality of different users. However, 
in this described embodiment, rather than sending the storage server 322 a 

1 5 complete copy of the electronic document 326, the exemplary ATM 320 may 
be operative to generate and send the storage server 322 a one-way hash 332 of 
the electronic document 326. The exemplary ATM 320 may include one or 
more one-way hash algorithms 334 which correspond to the digital signature 
protocols which the user wishes to use for signing his electronic document. 

20 For example, for generating digital signatures, exemplary one-way hash 

algorithm 334 of ATM 320 may include the one-way hash functions MD5 or 
SHA. 

Here the storage server 322 may include one or more encryption and/or 
digital signing algorithms 328 such as RSA which are operative to generate a 
25 digital signature 330 for the electronic document 326 using the one-way hash 
332 and the private key 324 associated with the user. The storage server may 
then return the digital signature 330 to the ATM 320 and the ATM 320 may 
attach the digital signature 330 to the electronic document 326. 

Figure 1 1 shows an exemplary embodiment of an ATM 340 that may 
30 be operative to communicate with an alterative exemplary embodiment of a 
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storage server 342. Here the storage server 342 may also be operative to 
securely store private keys 344 associated with a plurality of different users. 
However, in this described embodiment, the storage server 342 maybe 
operative to securely send a private key of a user to the ATM 340. The 
5 exemplary ATM 340 may include digital signature software 348 which is 
operative to cause the ATM 340 to generate a digital signature 350 for an 
electronic document 346 of the user operating the ATM 340. 

Figure 12 shows an exemplary embodiment of an ATM 400 that may 
be operative to communicate with a portable computing device 402 associated 

1 0 with a user such as a smart card, PDA, or mobile phone. Here the portable 

computing device 402 may include at least one private key 404 associated with 
the user. In this described embodiment, after the user has viewed an electronic 
document 406 associated with the user, the ATM 400 may be operative to 
send the electronic document 406 to the portable computing device 402. The 

1 5 exemplary portable computing device may include digital signature software 
408 which is operative to generate a digital signature 410 for the electronic 
document 406 using the private key 404 stored on the portable computing 
device. The portable computing device 402 may then attach the digital 
signature 410 to the electronic document 406 and return the signed electronic 

20 document to the ATM 400 or the portable computing device may only send 

the digital signature 410 to the ATM 400. The exemplary ATM 400 may then 
attach the digital signature 410 to the electronic document 406 and forward the 
signed electronic document to a selected destination location chosen by the 
user. 

25 Figure 1 3 shows an exemplary embodiment of an ATM 420 that may 

be operative to communicate with a portable computing device 422. Here the 
portable computing device 422 may also include at least one private key 424 
of the user. However, in this described embodiment, rather than sending the 
portable computing device 422 a complete copy of the electronic document 

30 426, the exemplary ATM 420 may be operative to generate and send the 
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portable computing device 422 a one-way hash 432 of the electronic document 
426. The exemplary ATM 420 may include one or more software components 
with one-way hash algorithms 434 that correspond to the digital signature 
protocols which the user wishes to use for signing his electronic document 
5 426. Using the one-way hash algorithms 434, the ATM 420 may be operative 
to produce a one-way hash 432 of the electronic document 426 and forward 
the one-way hash 432 to the portable computing device 422. 

The exemplary portable computing device 422 may include one or 
more encryption and/or digital signing algorithms 428 which are operative to 
1 0 generate a digital signature 430 for the electronic document 426 using the one- 
way hash 432 and the private key 424 associated with the user. The portable 
computing device 422 may then return the digital signature 430 to the ATM 
420 and the ATM 420 may attach the digital signature 430 to the electronic 
document 426. 

1 5 Figure 14 shows an exemplary embodiment of an ATM 440 mat may 

be operative to communicate with an exemplary portable computing device 
442. Here, the portable computing device 442 may include at least one 
private key 444 of the user. However, in this described embodiment, the 
portable computing device 442 may be operative to securely send the private 

20 key 444 of a user to the ATM 440. The exemplary ATM 440 may include 
digital signature software 448 which is operative to cause the ATM 440 to 
generate a digital signature 450 for an electronic document 446 of the user 
operating the ATM 440. 

Referring back to Figure 1, the exemplary storage server 32 may be 

25 operative to maintain an access log 62 in association with the digital safe 

deposit account 40 and/or the financial account 48 of the user. The exemplary 
storage server 32 may be operative to store in the access log 62 a record of 
each attempted access of a user's digital safe deposit account 40 and/or use of 
the private key 44. If an imposter gains access to a user's digital safe deposit 

30 account and/or private key, the exemplary access log may be used to determine 
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when and where the unauthorized access occurred. The exemplary access log 
may further include a record of which electronic document was signed by the 
system. The record for example may include the one-way hash of the 
electronic document. If an imposter uses the present exemplary system to 
5 digitally sign an electronic document, the access log may be reviewed to 

determine what document may have been forged. 

Some exemplary embodiments of the ATM may be operative to 
encrypt electronic documents stored in the digital safe deposit account using a 
symmetrical encryption algorithm such as DES and a secret key. The 

1 0 exemplary ATM may be operative to enable a user to generate a secret key for 
encrypting electronic documents from a password or from biometric 
information inputted by the user into the ATM. To decrypt the electronic 
documents, the exemplary ATM may be operative to regenerate the secret key 
by prompting the user to re-enter the password and/or biometric data. 

15 In addition to causing an electronic document to be signed, an 

alterative exemplary embodiment of an ATM maybe operative to digitally 
sign, notarize and/or cosign an electronic document using a private key 
associated with the ATM, storage server, digital signature service/ network, or 
a third party. For example, in addition to enabling a user to digitally sign an 

20 electronic document using his private key, the exemplary ATM may also cause 

the electronic document to be further digitally signed using a further private 
key not associated with the private key of the user. Such a further private key 
may be associated with an authorized notary public, a digital signature service, 
or another party to a transaction which is associated with the electronic 

25 document. The exemplary ATM may further attach the digital certificate 

associated with the further private key to the signed electronic document. 
Such a digital certificate can be used to verify the authenticity of the second 
digital signature. Also the digital certificates associated with the certificate 
authorities which issued and signed either or both of the user's digital 
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certificate and a digital certificate of the notary public or other party may also 
be attached to the electronic document. 

In an exemplary embodiment, the ATM may be operative to attach a 
digital time stamp to the electronic document by including the current date and 
5 time in the electronic document prior to the electronic document being 

digitally signed by the user of the ATM. hi some exemplary embodiments, the 
ATM may be operative to cause an electronic document to be digitally time 
stamped by a document time stamping entity or server. For example, the 
exemplary ATM may send a one-way hash of the electronic document to a 

1 0 time stamping entity. That time stamping entity would be operative to attach 
time data representative of the date, time and time zone at which the time 
stamping entity received the one-way hash. The time stamping entity may 
then digitally sign the one-way hash and time data with a private key of the 
time stamping entity to form a digital time stamp. This digital time stamp may 

15 then be returned to the ATM along with a digital certificate of the time 

stamping entity. The ATM may then attach the digital time stamp and the 
digital certificate of the time stamping entity to the electronic document, hi 
some embodiments, the digital time stamping entity may correspond to the 
same entity, service, or network that is operative to produce the digital 

20 signature for the user of the ATM. 

Figure 15 shows an example of a document signing system of one 
exemplary embodiment. Here the system 500 may include at least one ATM 
510 that is operative to display and digitally sign electronic documents. The 
ATM 510 may further be operative to communicate with one or more servers 

25 508 including servers associated with a financial transaction processing 
system, host banking system, document processing system, or a digital 
signature service or network. 

hi addition the ATM 510 may be operative to receive electronic 
documents from at least one personal computer (PC) 512 or other computing 

30 devices through a wired or wireless network 5 1 6. In this described 
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embodiment, ATM 510 may include or be in operative connection with a 
shared or externally accessible network drive 514 that is operative to store 
incoming and outgoing electronic documents. Such a shared network drive 
maybe segregated into one or more locations such as an "in-box" and an "out- 
5 box" storage area. 

The PC 512 may selectively be given permission to access the shared 
network drive 514 or a portion of the shared network drive such as an "in-box" 
associated with the ATM 510. Electronic documents created by the PC 512 
may then be saved, exported and/or sent to the shared network drive 514 of the 

1 0 ATM 5 1 0. A user operating the ATM 5 1 0 may select commands of the ATM 
which cause the ATM to display and digitally sign electronic documents stored 
in the shared network drive 514. Digitally signed versions of the electronic 
document may then be saved, exported, or sent to the shared network drive 
514 or a portion of the shared network drive such as an "out-box" of the shared 

15 network drive 514. The PC 512 or another computing device may then 

retrieval the signed document from the shared network drive 5 14. The ATM 
5 1 0 may also be in operative connection with a printer 518 and may include 
selectable options for printing the digitally signed electronic document to the 
printer. 

20 Exemplary embodiments of the ATM 510 may include transaction 

function devices such as a cash dispenser and a depository device which 
enable the ATM to perform other types of transaction functions such as the 
dispense of cash and the deposit of checks. However, some exemplary 
embodiments of the ATM 510 may be configured in a different form such as a 

25 portable form which does not dispense cash or receive deposited checks. An 
example of such a portable form of an ATM is shown in Figure 16. Here the 
exemplary embodiment of the portable ATM 520 may include a magnetic 
swipe card reader 522 or other card reader, a display screen 524, and a 
digitizing signature pad 526. The exemplary ATM 520 may further include 

30 function keys 528 for providing inputs to the ATM. Further exemplary 
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embodiments of the display screen 524 may include a touch screen for 
providing inputs to the ATM and a communication device 527 such as a 
wireless or wired network interface. 

Referring back to Figure 15, the exemplary embodiment of the ATM 
5 510 may be used by organizations which wish to offer users the ability to 

safely and securely digitally sign electronic documents. Such organizations 
may include banks, mortgage companies, title companies, S&Ls, insurance 
companies, car dealerships, leasing companies, universities, hospitals, 
government agencies, or any other organization that generates documents 

1 0 which require signatures by their customers. The exemplary ATM 510 
provides the customers or clients of the organization or other users with a 
convenient method to view and digitally sign electronic documents. 

Figure 17 shows exemplary steps involved with the operation of the 
system 500. Here the method steps are described with respect to a car 

1 5 dealership; however, it is to be understood that the exemplary steps may also 
apply to any organization, entity, group or individual that wishes to have users 
digitally sign electronic documents. The method may begin in step 600 with a 
finance manager or other member of the organization preparing electronic 
documents which correspond to a car loan. Such an electronic document may 

20 include a word processing document, an Acrobat® PDF document, extensible 
Markup Language (XML) document, or any other type of document which 
may electronically represent a car loan. 

In an exemplary embodiment, the electronic document may conform to 
a standardized loan format. Such a format may include standardized XML 

25 tags which describe information about the Lendor, Lendee, and terms of the 
loan. Such tags may include for example the names and addresses of the 
parties, the loan amount, the loan duration, the interest rate and any other term 
or category of information that may be part of the loan. Once the document is 
created, the finance manager in step 602 may save the electronic document to 

30 a storage location that is accessible to the ATM. For example, the finance 
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manager may save the electronic document to the "in-box" associated with the 
ATM. 

In busy organizations which may process loan applications 
concurrently, multiple ATMs may be available for saving the electronic 
5 document. In such cases, the shared network drive may be associated with the 
name or identification of the particular ATM which is operative to access the 
electronic document from the shared network drive. Once the electronic 
document is saved to the storage location, the finance manager may direct the 
customer to begin using the particular ATM which is operative to retrieve the 

10 electronic document. 

Once the customer has access to the ATM, the customer may follow 
the instructions displayed through the display screen of the ATM. If the 
customer already has a digital safe deposit account, digital certificate, and/or 
private key associated with a financial account, the customer may be prompted 

1 5 by the ATM to insert or swipe a card that is associated with the digital safe 
deposit account, digital certificate, and/or private key. For example if the 
customer has a checking account or a credit card which is associated with a 
digital safe deposit account, the customer may in step 604 insert or swipe 
his/her checking ATM card or credit card within the card reader of the ATM. 

20 In response, the ATM may be operative to read the financial account 

number associated with the card in step 606 with the card reader and request 
that the customer input a PIN. In step 608 the customer may input a PIN 
through a keypad or through a touch screen which may be configured to 
display a visual representation of a keypad. In one exemplary embodiment, 

25 the PIN may correspond to the 4 digit PIN associated with the customer's 

financial account. In other exemplary embodiments, the PIN may correspond 
to a different password stored in association with the customer's digital safe 
deposit account, digital certificate, and/or private key. Such a password may 
include four or more digits and/or alphanumeric characters. In other 
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embodiments the ATM may prompt the user to provide biometric data as a 
password through use of a biometric reading device of the ATM. 

For ATMs that are operative to perform many different types of 
transaction functions, the ATM may display a user interface screen similar to 
5 screen 100 of Figure 3 after the customer inputs a PIN. As discussed 

previously, user interface screen 100 may include selectable functions 102 for 
withdrawing cash, depositing a check, transferring value between accounts, 
and viewing an electronic document. For ATMs such as the portable ATM 
520 of Figure 16, the ATM may immediately retrieve the electronic document 

1 0 stored in the "in-box" associated with the ATM and display a user interface 

screen similar to screen 160 of Figure 6. If more than one electronic document 
is present in the "in-box" the ATM may display a listing of available electronic 
documents to choose from. In each case the exemplary ATMs may be 
operative to retrieve an electronic document in step 610 from the storage 

15 location and display a visual representation of the document in step 612. 

The customer may read through the document being displayed and 
make any necessary inputs of information that the electronic document may 
require. For example, the electronic document may include clauses which 
require a customer to affirmatively agree thereto. Such clauses may include 

20 user interface elements such as a checkbox, entry fields, and/or drop down fist 
boxes which can be checked/unchecked, edited, and/or selected with the input 
devices of the ATM. 

Once the document has been reviewed and updated with any necessary 
customer supplied information, in step 614 the customer may provide an input 

25 representative of a command to digitally sign the electronic document. In 

response, the ATM may in step 616 prompt the customer to provide a further 
input that is representative of a confirmation by the customer that the digital 
signature is intended to be the customer's legally binding signature. For 
ATMs that include a digitizing signature pad, this confrrming input may 

30 include having the customer draw his/her handwritten signature on the 
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digitizing signature pad. The digital scan of the handwritten signature may 
then be integrated into the electronic document prior to digitally signing the 
document. 

In response to receiving a confirming input, the ATM in step 618 may 
5 cause the electronic document to be digitally signed using a private key 

associated with the financial account read from the customer's card. Once the 
document has been digitally signed it may be associated with one or more 
digital certificates including the digital certificate associated with the financial 
account. Such a digital certificate includes the customer's public key which 

10 can be used to verify the digital signature on the electronic document. In other 
embodiments, the electronic document may include a serial number and/or a 
reference to an entity, address or URL where the customer's digital certificate 
may be retrieved to verify the digital signature. In some embodiments, the 
digital certificate of the certificate authority which issued and signed the user's 

1 5 digital certificate may be associated with the electronic document. 

Once the electronic document has been digitally signed, the ATM in 
step 620 is operative to send the signed electronic document to one or more 
specified output addresses. Such a specified output address may include the 
original storage location where the ATM retrieved the unsigned electronic 

20 document. Such a specified output address may include a portion of shared 

network drive which corresponds to an electronic "out box." Such a specified 
output address may correspond to a network address, e-mail address, data 
base, URL, or any other external storage location or communication system 
which is operative to receive an electronic document. For example, in one 

25 exemplary embodiment the specified output address may include a URL of a 
document processing server. For example, if the electronic document 
corresponds to a car loan, the specified output address maybe a document 
processing server of a bank that is lending money to the customer to buy the 
car. 
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Such a document processing server may verify the digital signature of 
the electronic document. Ifthe signature is valid, the document processing 
server may parse the XML tags of the electronic document to determine the 
name and address of the party and the terms of the loan. Such information 
5 may then be integrated into the loan processing system of the bank to establish 
a loan account and to initiate processes necessary to collect payments from the 
customer. In other exemplary embodiments, the specified output address may 
correspond to a loan processing system that is operative to securitize the loan 
for resale to another bank or other entity. In other exemplary embodiments, 

10 the specified output address may correspond to any system that is operative to 
store and/or process the signed electronic document. 

In one exemplary embodiment the specified output address may be a 
configurable parameter within the ATM. In other exemplary embodiments, 
the specified output address maybe determined by the ATM from a parameter 

15 of the electronic document. For example, the electronic document may 
include an XML tag which includes an address for the specified output 
address. In exemplary embodiments where the customer's financial account is 
associated with a digital safe deposit account, the ATM may further cause a 
copy of the signed electronic document to be stored in the customer's digital 

20 safe deposit account which may be associated with the customer's financial 
account. 

In the exemplary embodiment, the ATM in step 622 may cause a 
digital signature processing fee to be assessed to a party associated with the 
electronic document. The exemplary ATM is operative to cause a financial 

25 transaction processing system such as a host banking system or other server to 
record information associated with the processing fee in a database, log, or 
journal for immediate or delayed settlement. In an exemplary embodiment, 
the processing fee may be charged to the financial account associated with the 
customer's card. In other exemplary embodiments, the processing fee may be 

30 charged to an account associated with the organization that prepared the 
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unsigned electronic document. For example, the ATM may include a 
configuration parameter that corresponds to a financial account that may he 
assessed processing fees. In the case of a car dealership for example, the 
configuration parameter may include an account number associated with the 
5 car dealership or the bank providing the loan. In step 622 the ATM or the 
digital signature service or network servers associated with the ATM may 
communicate with a financial transaction processing system such as a host 
banking system to charge the processing fees to the account. In an exemplary 
embodiment, the electronic document may include an account number that is 

10 to be assessed the processing fees. For example the electronic document may 
include an XML tag for a fee processing account. 

Also in some exemplary embodiments, the ATM may contact a 
financial transaction processing system such as a host banking system or other 
server to authorize the assessing of the processing fee to an account prior to 

1 5 digitally signing the document in step 61 8 or prior to sending the signed 

electronic document to a specified output address in step 620. If the account 
does not have sufficient funds to pay for the processing fee or otherwise is not 
able to accept a charge of a processing fee, the ATM maybe operative to 
cancel the signing of the electronic document. The ATM may then output a 

20 visual message through the display screen of the ATM that indicates that the 
electronic document cannot be digitally signed. 

The specified output address may correspond to a storage location that 
is accessible to the organization which created the unsigned document. For 
example, with reference to a car dealership, the specified output address may 

25 include the network drive which is accessible to the finance manager. The 
manager may then cause the electronic document to be printed out so mat a 
hard copy view of the electronic document may be given to the customer. In 
other embodiments, the ATM may be in operative connection with a printer 
and may include a selectable option for printing out a hard copy of the 

30 electronic document. 
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In some exemplary embodiments where the electronic document was 
previously signed by one or more further parties, the ATM may include the 
step of validating the signature of the further party prior to enabling a user to 
digitally sign the electronic document. In the case of a car dealership for 
5 example, the finance manager may digitally sign the car loan prior to the ATM 
accessing the electronic document. The digital signature of the car dealership 
may be verified by the ATM prior to enabling the user to digitally sign the car 
loan. In such cases the electronic document may include the digital certificate 
associated with the further parties such as the car dealership. The electronic 

10 document may also include the digital certificates of the certificate authorities 
which signed the digital certificates of the further parties. 

In the previously described embodiment, a financial account card of the 
customer was previously associated with the customer's digital safe deposit 
account, digital certificate, and/or private key. The exemplary embodiment 

1 5 may include a method for providing financial account cards with the ability to 
digitally sign electronic documents at an ATM. For example, a credit card 
issuer such as a bank may have a plurality of credit card accounts. As the 
credit card business tends to be highly competitive, adding a digital signing 
capability to the credit cards of the batik's customers may provide an 

20 additional incentive for the customer to carry and use the bank's issued credit 
cards. 

This described embodiment of the method may include the bank or 
other entity creating individual digital certificates, public/private, key pairs, 
and/or digital safe deposit accounts for a plurality of pre-existing financial 
25 accounts such as credit card accounts or other financial accounts. Such 
individual digital certificates, public/private key pairs, and/or digital safe 
deposit accounts may be stored in association with each of the financial 
accounts on one or more servers operated by the bank or a digital signature 
service or network. 
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Figure 18 shows a schematic view of an exemplary embodiment of a 
. system 700 that may be operative to carry out this described method. Here the 
system 700 includes a plurality of banks 702, 704 , or other financial 
organizations. Each of the banks includes a plurality of financial accounts 
5 706, 708 such as credit card accounts. For each of these accounts, the banks 
may have a digital signature service or network entity 710 manage a digital 
certificate, public/private key pair, and/or digital safe deposit account in one or 
more storage servers 712. 

The exemplary embodiment of the digital signature service or network 

10 710 includes or is in operative communication with a host system 7 1 4. The 
host system is operative to provide a plurality of ATMs 716 with access to the 
services of the digital signature network 710. Such services may include for 
example the digital signing of electronic documents and the storage of 
electronic documents in digital safe deposit accounts. As discussed 

15 previously, customers of the banks 702, 704 may use their credit cards or other 
cards associated with financial accounts to cause an ATM to digitally sign 
electronic documents. The processing fees acquired from the signing of 
electronic documents may be transferred or assessed to at least one of the 
entities that operates the digital signature network and the banks or other card 

20 issuers, m one exemplary embodiment, the processing fees may be split 

between the entity that operates the digital signature network and the banks or 
other card issuers. 

To advertise that the financial accounts of the customers maybe used 
to digitally sign electronic documents, the described exemplary method may 

25 include marking or branding the cards issued by the bank with a logo, design, 
or mark which indicates that the card may be used to digitally sign electronic 
documents. Such a logo may be a source indicator mark such as a 
trademark/service mark for the digital signature network 710. In addition, to 
enable a customer to more easily locate the ATMs 716 which may be used to 

30 sign electronic documents, the ATMs 716 may include or output a matching 
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logo. For banks or other entities witti a large number of preexisting financial 
accounts such as credit cards, the exemplary embodiment of the presently 
described method may include mailing replacement credit cards to the 
customers which include a mark such as a logo which indicates that the card 
5 may be used to digitally sign electronic documents. In one exemplary 

embodiment, the customers may use the PIN previously associated with their 
financial account to access an ATM for purposes of digitally signing an 
electronic document. In other exemplary embodiments, the bank may supply 
the user with a separate password for use with accessing the services of the 

10 digital signature network. 

In some exemplary embodiments, the ATM may be operative to cause 
a new digital certificate to be created for a user for use with signing an 
electronic document. For example, if the user does not have a previously 
issued digital certificate, public/private key pair and/or digital safe deposit 

1 5 account associated with a smart card, portable computing device, financial 

account, credit card, and/or digital safe deposit account, the exemplary ATM 
may be operative to provide the user with a digital certificate, public/private 
key pair, and/or digital safe deposit account. In some exemplary 
embodiments, the ATM may enable the user to forward the newly created 

20 digital certificate to a smart card, portable storage medium, portable 

computing device, networked storage location, or other user selectable storage 
location or address for use in signing electronic documents in the future 
through the exemplary ATM or other digital signature software and devices. 
As will be discussed below, in some exemplary embodiments the ATM may 

25 enable a user to associate the newly created digital certificate, public/private 
key pair, and/or digital safe deposit account with a card selected by the user or 
issued to the user by the digital signature network. 

As with regard to the fees associated with the signing of electronic 
documents, fees may also be caused to be assessed by the ATM for the 

30 creation of a digital certificate, a public/private key pair, and/or a digital safe 
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deposit account. As discussed previously, such fees may be accessed to a 
financial account of the user, a financial account stored in association with the 
ATM, or a financial account associated with the electronic document intended 
to be signed. For example, as in the previously discussed scenario of signing 
5 electronic documents related to car loans, the ATM may be operative to cause 
the fees associated with the creation of the digital certificate to be associated 
with the entity supplying the electronic documents such as the car dealership 
or financial institution issuing the loan. 

The described exemplary embodiment of the ATM may prompt the 

1 0 user to enter through an input device of the ATM information about the user 
which is to be integrated into and/or associated with the digital certificate. 
Such information may include the name, address, and birth date of the user. 
The information may also include the user's social security number, passport 
number, driver's license number, national identification number, student 

15 number, or any other unique number associated with the user. The 

information provided for generating the digital certificate may also include a 
user provided password or other number for use with creating or accessing 
public/private key pairs, the public key thereof being integrated into the digital 
certificate. 

20 To expedite the input of information into the ATM for generating the 

digital certificate, the ATM may be operative to retrieve user specific 
information for the digital certificate from an electronic document intended to 
be digitally signed using the ATM. For example, in the previous example 
scenario of a user signing loan documents for a car, the finance manager or 

25 other employee of the car dealership may input the user's name, address, social 
security number, birth date, drivers license number, and/or other user specific 
information into the electronic document that corresponds to the loan. Such 
information may be stored as XML data or another computer accessible format 
within or in association with the electronic document. Prior to the ATM 

30 enabling the user to sign the electronic document, the ATM may access the 
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user specific information associated with the electronic document. The 
information accessed from the electronic document in addition to any 
information requested to be inputted directly into the ATM by the user, may be 
caused to be integrated into a digital certificate by the ATM. In some 
5 exemplary embodiments, the ATM may output the user specific information 
through an output device of the ATM. The ATM may prompt the user to 
verify the accuracy of the information prior to causing digital certificate to be 
created. 

In an exemplary embodiment, the ATM may cause the user specific 

1 0 information to be forwarded to a certificate authority which is operative to 

issue a signed digital certificate for the user. In some embodiments, the ATM 
may forward the user specific information to the previously discussed digital 
signature network, storage server, and/or other server which is operative to 
format the digital certificate and/or interface with the certificate authority to 

15 issue the digital certificate. 

m an exemplary embodiment, the digital signature network may further 
be operative to authenticate the provided user specific information by 
contacting a credit reporting service 720 or other database of user information 
to compare and validate the provided user specific information. If the user 

20 specific information is invalid, inconsistent, or is otherwise suspect, the 

exemplary digital signature network may return a message to the ATM which 
is representative of a denial to generate a digital certificate for the user. Such a 
message may indicate the reasons for the denial. 

Exemplary embodiments of the ATM may further acquire additional 

25 information from the user requesting the digital certificate including a 

biometric input, such as a fingerprint scan, a digital image of the user's face, 
iris scan, hand scan, or any other input which may be representative of the 
identity of the user. Such information may be integrated into or associated 
with the digital certificate. Such information may also be used to validate the 

30 identity of the user prior to creating the digital certificate. 
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In some exemplary embodiments, the ATM may further prompt the 
user to input a card, such as a credit card, smart card, drivers license, national 
identification card, or any other unique card which can be accessed by the card 
reader of the ATM to retrieve user specific information. Such user specific 
5 information may include an account number or other number stored on the 
card which can be forwarded to the digital signature network, financial 
transaction processing system such as a host banking system, or other server to 
be used to authenticate the identity of the user. In some exemplary 
embodiments, the ATM may further prompt the user to input through an input 

10 device of the ATM, a secret password or PIN associated with the card. The 
ATM may be operative to validate the inputted secret password or PBSf 
through communication with the digital signature network, host banking 
system, or the card itself. 

In some exemplary embodiments, the ATM may prompt the user to 

1 5 provide an input that indicates whether the user would like the newly created 
digital certificate, public/private key pairs and/or digital safe deposit account 
to be associated with a pre-existing financial account of the user such as a 
credit card or a bank card. In such cases, the exemplary ATM may prompt the 
user to insert or swipe the desired card through the card reader of the ATM. 

20 The account number read from the card may be forwarded to the digital 

signature network and be stored in association with the user's newly created 
digital certificate, public/private key pairs, and/or digital safe deposit account. 
The digital signature network may further notify the financial institution 
associated with the card, that the consumer has associated a digital certificate, 

25 public/private key pairs and/or digital safe deposit account with the account 
number of the card. The financial institution may then issue a new card to the 
user, which includes the mark or logo of the digital signature network. 

Exemplary embodiments of the ATM may also prompt the user, as to 
whether the user would like the newly created digital certificate, public/private 

30 key pairs and/or digital safe deposit account to be associated with other 
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cards/numbers uniquely associated with the user. Such cards for example may 
include the user's social security card, drivers license card, national 
identification card, and student ID card, hi such cases, the exemplary ATM 
may prompt the user to insert or swipe the card with the desired unique 
5 number stored thereon through the card reader of the ATM. The unique 

number read from the card may be forwarded to the digital signature network 
and be stored in association with the user's newly created digital certificate, 
public/private key pairs, and/or digital safe deposit account. 

In some embodiments, where the newly created digital certificate, 

1 0 public/private key pairs, and/or digital safe deposit account is not associated 
with a financial account or other unique card/number of the user, the digital 
signature network may be operative to issue the user a digital signature card 
for use with signing future electronic documents and for accessing electronic 
documents stored in the user's digital safe deposit account. The digital 

1 5 signature card may include stored thereon a unique account number associated 
with the newly created digital certificate, public/private key pairs, and/or 
digital safe deposit account. In one exemplary embodiment, the ATM may 
include a card issuing device which is operative to output the digital signature 
card directly to the user once the digital certificate is created. In further 

20 exemplary embodiments, the digital signature network may initiate the 

production of a digital signature card which is mailed to the address of the 
user. 

Once the digital certificate, public/private key pair, and/or digital safe 
deposit account is created, the exemplary ATM may proceed to prompt the 

25 user through the process of signing the electronic document using the private 
key associated with the newly created digital certificate. 
In exemplary embodiments, where the user associates a financial account or 
other card/number with a newly created digital certificate or where a digital 
signature card is issued to the user, the ATM may prompt the user to input 

30 through an input device of the ATM, a secret password or PIN to be 
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associated with the card for purposes of using the card in the future to sign 
electronic documents and/or for accessing electronic documents stored in the 
newly created digital safe deposit account. In the future, the user may use 
his/her credit card, digital signature card, or other card associated with the 
5 newly created digital certificate, public/private key pair, and/or digital safe 

deposit account to sign other electronic documents at the same ATM or other 
exemplary ATM connected to the exemplary digital signature network. As 
discussed previously exemplary embodiments of the ATM may prompt the 
user to enter the password or PIN associated with the card prior to enabling the 

1 0 user to sign electronic documents and/or access electronic documents for a 
digital safe deposit account with the ATM. 

As shown in Figure 18, the exemplary embodiment of the digital 
signature network may further be in communication with a public network 
such as the Internet 718 to enable user to access their digital certificate, 

1 5 public/private key pair, and/or digital safe deposit account from a home 
computer or other computing device. The digital signature network may 
further provide services over the Internet such as digitally signing electronic 
documents and/or storing electronic documents in a digital safe deposit 
account associated with a financial account. For example, in one exemplary 

20 embodiment, the digital signature network may include a web server which 
enables a user to enter his/her financial account number or other card/number 
and PIN or other password through a browser of a PC or other computing 
device. If the entered information is valid, the exemplary digital signature 
network may enable the user to sign an electronic document using the private 

25 key associated with the inputted financial account number or other 

card/numbers. The web server may further enable Internet users to manage 
electronic documents that are stored in the storage servers of the digital 
signature network 710, such as viewing, copying, deleting, and forwarding the 
documents to other locations and addresses. 
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Computer software used in operating the automated transaction 
machines of the present invention and connected computers, computer 
processors, and servers may be loaded from articles of various types into the 
respective computers. Such computer software may be included on and loaded 
5 from one or more articles such as diskettes, compact disks, or DVDs. Such 

software may also be included on articles such as hard disk drives, tapes, read- 
only memory devices, or memory cards. Other articles which include data 
representative of the instructions for operating computers in the manner 
described herein are suitable for use in achieving operation of automated 

10 transaction machines and associated digital signature services, networks and 
servers and systems in accordance with embodiments described herein. 

The exemplary embodiments of the automated banking machines and 
systems described herein have been described with reference to particular 
software components, functions and features. Other embodiments of the 

1 5 invention may include other or different software components, digital 

signature algorithms, and cryptography components which provide similar 
functionality. 

Thus the new automated transaction machine digital signature system 
and method achieves one or more of the above stated objectives, eliminates 
20 difficulties encountered in the use of prior devices and systems, solves 
problems and attains the desirable results described herein. 

In the foregoing description certain terms have been used for brevity, 
clarity and understanding, however no unnecessary limitations are to be 
implied therefrom because such terms are used for descriptive purposes and 
25 are intended to be broadly construed. Moreover, the descriptions and 

illustrations herein are by way of examples and the invention is not limited to 
the exact details shown and described. 

In the following claims any feature described as a means for 
performing a function shall be construed as encompassing any means known 
30 to those skilled in the art to be capable of performing the recited function, and 
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shall not be limited to the features and structures shown herein or mere 
equivalents thereof. The description of the exemplary embodiment included in 
the Abstract included herewith shall not be deemed to limit the invention to 
features described therein. 
5 Having described the features, discoveries and principles of the 

invention, the manner in which it is constructed and operated, and the 
advantages and useful results attained; the new and useful structures, devices, 
elements, arrangements, parts, combinations, systems, equipment, operations, 
methods and relationships are set forth in the appended claims. 
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CLAIMS 

We claim: 

1. An apparatus comprising: 
5 an ATM, wherein the ATM includes: 

at least one computer processor; 

at least one input device in operative connection with the 
1 0 computer processor; and 

at least one display device in operative connection with the 
computer processor, wherein the computer processor is 
operative to output a visual representation of at least one 

1 5 electronic document through the display device responsive to at 

least one first input through the at least one input device, and 
wherein the computer processor is operative to cause the at 
least one electronic document to be digitally signed with a 
private key responsive to at least one second input through the 

20 at least one input device. 

2. The apparatus according to claim 1, wherein the computer 
processor is operative to cause a message to me output through the display 
device which prompts a user to enter through the at least one input device a 

25 confirming input which is representative of a confirmation that a digital 
signing of the electronic document is intended to be a legally binging 
signature, wherein the at least one second input includes the confirming input. 

3. The apparatus according to claim 1, wherein the ATM further 
30 includes a cash dispenser device in operative connection with the computer 
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processor, wherein the computer processor is operative to cause the cash 
dispenser to dispense currency responsive to at least one third input through 
the at least one input device. 

5 4. The apparatus according to claim 2, wherein the ATM further 

includes a digitizing signature pad in operative connection with the computer 
processor, wherein the computer processor is operative to receive at least one 
hand written signature scan through the digitizing signature pad, wherein the 
computer processor is operative to include the hand written signature scan 
1 0 with the electronic document. 

5. The apparatus according to claim 3, wherein the ATM further 
includes a card reader in operative connection with the computer processor, 
wherein the computer processor is operative to cause the card reader to read at 

1 5 least one account number from a card, wherein the computer processor is 

operative to cause a remote server to access the private key responsive to the at 
least one account number read from the card. 

6. The apparatus according to claim 5, wherein the account number 
20 includes a financial account number associated with a financial account. 

7. The apparatus according to claim 6, wherein computer processor is 
operative to cause the electronic document to be digitally time stamped. 

25 8. The apparatus according to claim 7, wherein the ATM includes a 

fascia, wherein the at least one display device and the at least one input device 
are accessible to the user through the fascia, wherein further comprising a 
visible indicia adjacent the fascia, wherein the visible indicia is representative 
of source indicator mark for a digital signature service. 
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9. The apparatus according to claim 5, wherein the ATM further 
includes at least one communication port in operative connection with the 
computer processor, wherein the computer processor is operative to 
communicate with at least external source though the communication port, 

5 wherein the computer processor is operative to retrieve the electronic 
document from the at least one external source. 

10. The apparatus according to claim 9, wherein the computer 
processor is operative to send a digitally signed copy of the electronic 

1 0 document to the at least one external source. 

1 1 . The apparatus according to claim 9, wherein the at least one 
external source includes a network accessible storage location. 

15 12. The apparatus according to claim 9, wherein the at least one 

external source includes portable computing device. 

13. The apparatus according to claim 2, wherein the computer 
processor is operative responsive to the at least one second input to attach a 

20 statement to the electronic document which indicates that the user confirmed 
that the digital signing of the electronic document is intended to represent a 
legally binding electronic signature of the user. 

14. The apparatus according to claim 13, wherein the computer 

25 processor is operative to cause at least the statement to be digitally signed with 
a further private key. 

15. The apparatus according to claim 3, wherein the ATM further 
includes a storage device drive in operative connection with the computer 

30 processor, wherein the computer processor is operative to read and write to a 
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portable storage medium placed in operative connection with the storage 
device drive, wherein the computer processor is operative to retrieve the 
electronic document from the portable storage medium. 

5 16. The apparatus according to claim 15, wherein the computer 

processor is operative to store a digitally signed copy of the electronic 
document on the portable storage medium. 

17. The apparatus according to claim 3, further comprising at least one 
1 0 server located remotely from the ATM, wherein the computer processor is 

operative to communicate with the at least one server, wherein the at least one 
server is operative to generate a digital signature responsive to the private key. 

18. The apparatus according to claim 17, wherein the computer 
1 5 processor is operative to send the electronic document to the at least one 

server, wherein the at least one server is further operative to generate the 
digital signature responsive to the electronic document. 

19. The apparatus according to claim 17, wherein the computer 

20 processor is operative to generate and send a one-way hash of the electronic 
document to the at least one server, wherein the at least one server is further 
operative to generate the digital signature responsive to the one-way hash, 
wherein the computer processor is operative to receive the digital signature 
from the at least one server, wherein the computer processor is operative to 

25 attach the digital signature to the electronic document. 

20. The apparatus according to claim 3, wherein the computer 
processor is operative to communicate with at least one server located 
remotely from the ATM, wherein the computer processor is operative to 

30 retrieve the private key from the at least one server, wherein the computer 
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processor is operative to generate a digital signature responsive to the 
electronic document and the private key. 

21. The apparatus according to claim 3, wherein the computer 
5 processor is operative to communicate with at least one portable computing 

device, wherein the at least one portable computing device includes the private 
key, wherein the at least one portable computing device is operative to 
generate a digital signature responsive to the private key. 

10 22. The apparatus according to claim 21, wherein the computer 

processor is operative to send the electronic document to the at least one 
portable computing device, wherein the at least one portable computing device 
is further operative to generate the digital signature responsive to the 
electronic document. 

15 

23. The apparatus according to claim 21, wherein the computer 
processor is operative to generate and send a one-way hash of the electronic 
document to the at least one portable computing device, wherein the at least 
portable computing device is further operative to generate the digital signature 
20 responsive to the one-way hash, wherein the computer processor is operative 
to receive the digital signature from the portable computing device, wherein 
the computer processor is operative to attach the digital signature to the 
electronic document. 

25 24. The apparatus according to claim 3, wherein the computer 

processor is operative to communicate with at least one portable computing 
device, wherein the computer processor is operative to retrieve the private key 
from the at least one portable computing device, wherein the computer 
processor is operative to generate a digital signature responsive to the 

3 0 electronic document and the private key. 
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25. The apparatus according to claim 3, wherein the ATM further 
includes a smart card reader in operative connection with the computer 
processor, wherein the computer processor is operative to communicate with 
at least one smart card through the smart card reader, wherein the private key 
5 is stored on the smart card., wherein the smart card is operative to generate a 
digital signature responsive to the private key. 



26. The apparatus according to claim 25, wherein the computer 
processor is operative to send the electronic document to the smart card, 
10 wherein the smart card is further operative to generate the digital signature 
responsive to the electronic document. 



27. The apparatus according to claim 25, wherein the computer 
processor is operative to generate and send a one-way hash of the electronic 

15 document to the smart card, wherein the smart card is further operative to 
generate the digital signature responsive to the one-way hash, wherein the 
computer processor is operative to receive the digital signature from the smart 
card, wherein the computer processor is operative to attach the digital 
signature to the electronic document. 

20 

28. The apparatus according to claim 3, wherein the ATM further 
includes a smart card reader in operative connection with the computer 
processor, wherein the computer processor is operative to communicate with 
at least one smart card through the smart card reader, wherein the private key 

25 is stored on the smart card., wherein the computer processor is operative to 

retrieve the private key from the smart card, wherein the computer processor is 
operative to generate a digital signature responsive to the electronic document 
and the private key. 
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29. An automated transaction machine comprising: 

at least one computer processor, 

5 at least one display device in operative connection with the computer 

processor, wherein the computer processor is operative to output a 
visual representation of an electronic document through the display 
device; 

1 0 a card reader in operative connection with the computer processor, 

wherein the computer processor is operative to cause the card reader to 
read indicia corresponding to at least one account number from a card; 
and 

15 at least one input device in operative connection with the computer 

processor, wherein the computer processor is operative to output a 
message through the display device which prompts a user to enter a 
confirming input through the at least one input device which is 
representative of a confirmation that a digital signing of the electronic 

20 document is intended to be a legally binging signature, wherein the 

computer processor is operative to cause the electronic document to be 
digitally signed with a private key associated with the account number 
responsive to the confirming input. 

25 30. The apparatus according to claim 29, further comprising a 

digitizing signature pad in operative connection with the computer processor, 
wherein the computer processor is operative to receive at least one hand 
written signature scan through the digitizing signature pad, wherein the 
computer processor is operative to include the hand written signature scan 
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with the electronic document prior to the electronic document being digitally 
signed. 

31 . The apparatus according to claim 29, further comprising a cash 
5 dispenser in operative connection with the computer processor, wherein the 
computer processor is operative to cause the cash dispenser to dispense cash 
responsive to at least one further input received through the at least one input 
device. 

10 32. The apparatus according to claim 29, wherein the computer 

processor is operative to access at least one digital safe deposit account located 
remotely from the automated transaction machine, wherein the private key is 
stored in association with the digital safe deposit account, wherein the account 
number is associated with digital safe deposit account. 

15 

33. The apparatus according to claim 32, wherein the computer 
processor is operative to access at least one storage server, wherein the at least 
one storage server is in operative connection with at least one data store, 
wherein the at least one data store includes the private key stored in 

20 association with the digital safe deposit account. 

34. The apparatus according to claim 33, wherein the computer 
processor is operative to cause the storage server to store the electronic 
document in the at least one data store in association with the digital safe 

25 deposit account. 

35. The apparatus according to claim 29, wherein the account number 
includes a financial account number associated with a financial account. 
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36. The apparatus according to claim 35, wherein the computer 
processor is operative to communicate the financial account number to at least 
one remote server, wherein the remote server is operative to access the private 
key responsive to the financial account number. 

5 

37. The apparatus according to claim 36 wherein the computer 
processor is operative to cause the remote server to produce a digital signature 
for the electronic document responsive to the private key, wherein the 
computer processor is operative to receive the digital signature from the 

10 remote server and attach the digital signature to the electronic document. 

38. The apparatus according to claim 37, wherein the computer 
processor is operative to attach a digital certificate to the electronic document, 
wherein the digital certificate includes a public key that is operative to validate 

1 5 the digital signature. 

39. The apparatus according to claim 29, wherein the computer 
processor is operative to cause the private key and a matching public key to be 
produced, wherein the computer processor is in operative communication with 

20 a certificate authority, wherein the computer processor is operative to cause 
the certificate authority to generate a digital certificate that includes the public 
key. 



40. The apparatus according to claim 39, wherein the computer 
25 processor is operative to attach the digital certificate to the electronic 

document. 

41. The apparatus according to claim 40, wherein the computer 
processor is operative to cause the private key and the digital certificate to be 

3 0 stored in association with a digital safe deposit account. 



WO 02/073341 



PCT/US02/06826 



55 

42. The apparatus according to claim 41, wherein the computer 
processor is operative to cause a remote server to establish the digital safe 
deposit account. 

5 43. The apparatus according to claim 42, wherein the computer 

processor is operative to cause the remote server to associate the digital safe 
deposit account with a financial account associated with the account number. 

44. The apparatus according to claim 29, wherein the computer 
10 processor is operative to cause the private key to be produced, wherein the 

computer processor is operative to cause the private key to be remotely stored 
in association with the account number. 

45. The apparatus according to claim 44, wherein the account number 
1 5 corresponds to a financial account number. 

46. The apparatus according to claim 29, wherein the computer 
processor is operative to communicate with a financial transaction processing 
system, wherein the computer processor is operative to cause the electronic 

20 document to be digitally signed responsive to communication with the 
financial transaction processing system. 

47. The apparatus according to claim 29, wherein the computer 
processor is operative to cause the electronic document to be further digitally 

25 signed with a further private key. 

48. The apparatus according to claim 47, wherein the further private 
key is associated with a notary public. 
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49. The apparatus according to claim 29, wherein computer processor 
is operative to cause the electronic document to be digitally time stamped. 

50. The apparatus according to claim 29, wherein prior to causing the 
5 electronic document to be digitally signed, the computer processor is operative 

to modify the electronic document responsive to at least one further input 
through the at least one input device. 



10 



15 



51. A method comprising: 

a) accessing an electronic document with an ATM; 

b) displaying the electronic document through a display screen of 
the ATM; 

c) prompting a user to enter at least one first input representative 
of a confirmation that a digital signature for the electronic 
document is intended to correspond to a legally binding 
signature; 

d) receiving the at least one first input through at least one input 
device of the ATM; 



e) producing the digital signature for the electronic document 
25 responsive to the at least one first input; and 

f) attaching the digital signature to the electronic document. 



20 



52. The method according to claim 51, wherein after step (b) further 
30 comprising: 
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g) capturing a handwritten signature scan through a digitizing 
signature pad of the ATM; and 

h) attaching the handwritten signature scan to the electronic 
5 document. 

53. The method according to claim 51, wherein further comprising: 

g) receiving at least one second input through the at least one 
input device; 

10 

h) causing a cash dispenser of the ATM to dispense cash 
responsive to the at least one second input. 

54. The method according to claim 51, wherein prior to step (e) further 
15 comprising: 

g) reading a financial account number from a card through 
operation of a card reader of the ATM; 

20 h) causing a private key associated with the financial account 

number to be accessed from a remote server; and 

wherein in step (e) the digital signature is caused to be generated responsive to 
the private key associated with the financial account number. 

25 

55. The method according to claim 51, further comprising: 

g) producing a digital time stamp for the electronic document; and 



30 h) attaching the digital time stamp to the electronic document. 
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56. Computer readable media bearing instructions whicb are operative 
to cause at least one computer in the ATM to cause the ATM to carry out the 
method steps recited in claim 5 1 . 

5 

57. A method comprising: 

a) reading a financial account number from a card through 
operation of a card reader device; 

b) sending the financial account number read from the card to a 
server associated with a digital signature network, wherein the 
server is operative to cause a private key stored in association 
with a financial account to be accessed responsive to 
correlating the financial account number read from the card 
with the financial account; and 

c) causing an electronic document to be digitally signed 
responsive to the private key associated with the financial 
account. 

58. The method according to claim 57, further comprising: 

d) accessing a digital safe deposit account that corresponds to the 
financial account number; and 

e) causing the electronic document to be stored in a remote data 
store in association with the digital safe deposit account. 
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59. The method according to claim 57, further comprising: 

d) receiving the electronic document from the remote data store; 



e) sending the electronic document to an external storage location 
other than the remote data store. 

60. The method according to claim 57, wherein prior to step (c) further 
10 comprising: 

d) outputting a visual representation of the electronic document 
through a display device of an automated transaction machine 
including a cash dispenser, wherein the automated transaction 
1 5 machine includes the card reader device. 



61 . The method according to claim 60, wherein prior to step (c) further 
comprising: 

20 e) enabling a user to modify the content of the electronic 

document through at least one input to at least one input device 
of the automated transaction machine. 

62. The method according to claim 60, wherein prior to step (c) further 
25 comprising: 

e) capturing a handwritten signature scan through a digitizing 
signature pad of the automated transaction machine; and 
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f) attaching the handwritten signature scan to the electronic 
document. 

63. The method according to claim 57, wherein prior to step (c) further 
5 comprising: 

e) prompting a user to enter at least one input representative of a 
confirmation that the digital signature is intended to correspond 
to a legally binding signature; and 

1 0 wherein step (c) is performed responsive to receiving the at least one 

input. 

64. The method according to claim 63, wherein after step (e) further 
comprising: 

15 

f) receiving the at least one input through at least one input device 
of an automated transaction machine, wherein the automated 
transaction machine includes the card reader device; and 

20 g) causing a record of the at least one input to be stored in 

association with the financial account number. 

65. The method according to claim 57, wherein in step (a) the financial 
account number corresponds to a credit card number. 

25 

66. The method according to claim 57, wherein prior to step (c) further 
comprising: 



30 



d) receiving at least one input through at least one input device of 
an automated transaction machine, wherein the automated 
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transaction machine includes the card reader device; and 

e) sending the server associated with the digital signature network 
information corresponding to the received at least one input, 
5 wherein the server is operative to cause access to the private 

key to be permitted responsive to a determination that the 
received input corresponds to a password associated with the 
private key. 



1 0 67. The method according to claim 66, wherein in step (d) the at least 

one input corresponds to biometric data received through a biometric reading 
device of the automated transaction machine. 

68. The method according to claim 66, wherein in step (d) the at least 
1 5 one input corresponds to a PIN of the financial account, wherein the PIN is 

entered through a keypad of the automated transaction machine. 

69. The method according to claim 57, further comprising: 

20 d) causing the electronic document to be digitally time stamped. 



70. Computer readable media bearing instructions which are operative 
to cause at least one computer in the automated transaction machine to cause 
the automated transaction machine to carry out the method steps recited in 

25 claim 57. 

71. A method comprising: 



30 



a) 



accessing an electronic document with an automated 
transaction machine; 
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b) causing a digital certificate to be produced, wherein the digital 
certificate includes information associated with the identity of a 
user of the automated transaction machine, wherein the digital 
certificate includes a public key that corresponds to a private 

5 key; 

c) displaying a visual representation of the electronic document 
through a display screen of the automated transaction machine; 

1 0 d) prompting a user to enter at least one input representative of a 

confirmation that a digital signature for the electronic document 
is intended to correspond to a legally binding signature; 

e) receiving the at least one input through at least one input device 
15 of the automated transaction machine; 

f) causing the digital signature for the electronic document to be 
produced responsive to the at least one input and the private 
key; and 

20 

g) causing the digital signature and digital certificate to be 
attached to the electronic document. 



25 72. The method according to claim 71, wherein prior to step (b) further 

comprising: 

h) retrieving at least a portion of the information associated with 
the identity of the user from the electronic document. 
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73. The method according to claim 72, further comprising: 

h) causing a digital safe deposit account to be established for the 
user in a remote data store, including storing the digital 
5 certificate and the private key in association with the digital 

safe deposit account. 

74. The method according to claim 73, further comprising: 

1 0 i) causing a digitally signed copy of the electronic document to be 

stored in association with the digital safe deposit account. 

75. The method according to claim 71, wherein in step (a) the 
electronic document is accessed from a network accessible storage location. 

15 

76. The method according to claim 71, further comprising: 

h) sending a digitally signed copy of the electronic document to a 
network accessible storage location. 

20 

77. The method according to claim 71, further comprising: 

h) sending a digitally signed copy of the electronic document to a 
network address specified by the electronic document. 

25 

78. The method according to claim 71, further comprising: 



30 



h) sending a digitally signed copy of the electronic document to a 
network address specified by the automated transaction 
machine. 
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79. The method according to claim 71, further comprising: 

h) causing a digital signature processing fee to be assessed to an 
account specified in the electronic document through 
5 communication with a financial transaction processing system. 

80. The method according to claim 71, further comprising: 

h) causing a digital signature processing fee to be assessed to an 
1 0 account specified by the automated transaction machine 

through communication with a financial transaction processing 
system. 

8 1 . The method according to claim 71 , further comprising: 

h) causing a digital time stamp to be created for the electronic 
document; and 

i) causing the digital time stamp to be attached to the electronic 
document. 

82. The method according to claims 71, wherein the automated 
transaction machine includes a cash dispenser. 

83. Computer readable media bearing instructions which are operative 
to cause at least one computer in the automated transaction machine to cause 
the automated transaction machine to carry out the method steps recited in 
claim 71. 
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84. An apparatus comprising: 

at least one computer processor; and 

5 at least one data store in operative connection with the computer 

processor, wherein the at least one data store includes a plurality of 
digital safe deposit accounts stored therein, wherein each of the digital 
safe deposit accounts is associated with at least one private key, 
wherein the computer processor is operative to communicate with a 
plurality of ATMs, wherein the computer processor is operative 
responsive to at least one of the ATMs to cause a digital signature to be 
produced for an electronic document responsive to the private key 
associated with one of the digital safe deposit accounts. 

85. The apparatus according to claim 84 wherein the computer 
processor is operative to receive the electronic document from the at least one 
ATM, wherein the computer processor is operative to store the electronic 
document in the data store in association with the one digital safe deposit 
account. 

86. The apparatus according to claim 85 wherein the computer 
processor is operative to retrieve the electronic document from the data store 
and send the electronic document to any one of the plurality of ATMs. 

87. The apparatus according to claim 85 wherein the computer 
processor is operative to encrypt and decrypt the electronic document stored in 
the at least one data store responsive to a secret key received from the at least 
one ATM. 
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88. The apparatus according to claim 84 wherein each digital safe 
deposit account is associated with a financial account number, wherein the 
computer processor is operative to access the private key associated with the 
one digital safe deposit account responsive to a message received from the at 
5 least one ATM which includes a financial account number that corresponds to 
the financial account number associated with the one digital safe deposit 
account. 



89. The apparatus according to claim 88, wherein the at least one 
1 0 financial account number corresponds to a credit card number. 

90. The apparatus according to claim 84 wherein each digital safe 
deposit account is associated with at least one digital certificate, wherein the 
computer processor is operative to cause the digital signature and at least one 

1 5 of the digital certificates associated with the one digital safe deposit account to 
be attached to the electronic document. 

91. The apparatus according to claim 84 wherein the computer 
processor is operative to maintain and store in the at least one data store, an 

20 access log in association with each digital safe deposit account. 



92. The apparatus according to claim 84 wherein the at least one ATM 
includes a cash dispenser, wherein the computer processor is operative through 
communication with a financial transaction processing system to cause a 

25 dispense of cash from the cash dispenser to be authorized. 

93. The apparatus according to claim 84 wherein the computer 
processor is operative to 

cause a new digital safe deposit account to be created in the data store 
30 responsive to communication from the at least one ATM. 



WO 02/073341 



PCT/US02/06826 



67 

94. The apparatus according to claim 93 wherein the computer 
processor is operative to cause a new private key and a corresponding public 
key to be produced responsive to communication from the at least one ATM, 
wherein the computer processor is operative to store the private key in 

5 association with the new digital safe deposit account. 

95. The apparatus according to claim 94 wherein the computer 
processor is operative to cause a digital certificate to be generated and stored 
in association with the new digital safe deposit account, wherein the digital 

1 0 certificate includes the public key. 

96. The apparatus according to claim 95 wherein the computer 
processor is operative to receive a financial account number from the at least 
one ATM, wherein the computer processor is operative to store the financial 

1 5 account number in association with the new digital safe deposit account. 

97. The apparatus according to claim 96 wherein the computer 
processor is operative to receive a password input from the at least one ATM, 
wherein the computer processor is operative to store the password input in 

20 association with the new digital safe deposit account. 

98. The apparatus according to claim 84 Wherein the computer 
processor is operative to receive a one-way hash of the electronic document 
from the at least one ATM, wherein the computer processor is operative to 

25 cause the digital signature to be generated responsive to the one-way hash and 
the private key. 

99. The apparatus according to claim 84 wherein the computer 
processor is operative to cause a second digital signature to be produced for 

30 
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the electronic document responsive to a private key that is not associated with 
the one digital safe deposit account. 

100. The apparatus according to claim 84 wherein the computer 

5 processor is operative to cause a digital signature processing fee to be assessed 
to a financial account in response to causing the digital signature to be 
produced for the electronic document. 

101. The apparatus according to claim 100 wherein the computer 

1 0 processor is operative to receive information about the financial account from 
the at least one ATM. 

102. The apparatus according to claim 84 wherein the computer 
processor is operative to cause a digital time stamp to be produced and 

1 5 attached to the electronic document. 



103. A method comprising: 

a) receiving a financial account number from an automated 
20 transaction machine; 

b) accessing a private key associated with the financial account 
number; and 

c) enabling an electronic document displayed by the automated 
transaction machine to be digitally signed with the private key. 



104. The method according to claim 103, wherein prior to step (c) 
further comprising: 



PCT/US02/06826 



69 

d) receiving a password from the automated transaction machine; 
and 

e) verifying that the password corresponds to a valid password 
previously associated with the financial account number. 

105. The method according to claim 103, further comprising: 

d) accessing a digital certificate previously associated with the 
financial account number, wherein the digital certificate 
includes a public key that corresponds to the private key, 
wherein the public key is capable of being used to validate the 
digital signature; and 

e) enabling the digital certificate to be associated with the 
electronic document. 

106. The method according to claim 103, further comprising: 

d) storing a digitally signed copy of the electronic document in a 
digital safe deposit account in association with the financial 
account number. 

107. The method according to claim 103, further comprising: 

d) receiving a second financial account number from the 
automated transaction machine; and 

e) assessing a processing fee associated with the digital signing of 
the electronic document to a financial account associated with 
the second financial account number. 
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108. The method according to claim 103, further comprising: 

d) enabling the electronic document to be digitally time stamped. 

109. The method according to claim 103, further comprising: 
d) dispensing cash from the automated transaction machine. 

110. A method comprising: 



a) receiving a request from an automated transaction machine to 
digitally sign an electronic document visually displayed by the 
automated transaction machine, wherein the request includes an 
account number that is associated with a digital safe deposit 

15 account; 

b) accessing a private key associated with the digital safe deposit 
account responsive to the account number; and 

c) producing a digital signature for the electronic document 
responsive to the private key; and 

d) causing the digital signature to be attached to the electronic 
document. 



111. The method according to claim 110, further comprising: 



e) storing a digitally signed copy of the electronic document in a 
data store in association with the digital safe deposit account. 
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1 12. The method according to claim 110, wherein in step (a) the 
account number corresponds to a financial account number. 

113. The method according to claim 1 10 and further comprising: 
e) dispensing cash from the automated transaction machine. 

114. A method comprising: 



10 a) receiving a request at an ATM to digitally sign an electronic 

document visually displayed by the ATM; 

b) causing a digital signature and a digital time stamp to be 
produced for the electronic document; and 



15 



20 



c) causing the digital signature and the digital time stamp to be 
attached to the electronic document. 

115. The method according to claim. 1 14 and further comprising: 

d) dispensing cash from the ATM. 

1 16. A method comprising: 



25 a) producing a plurality of digital certificates for a plurality of 

individual customers, wherein each individual customer is 
associated with an account; 

b) associating the accounts of the individual customers with the 
30 corresponding digital certificates of the individual customers; 
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c) producing at least one card for each of the individual 

customers, wherein each card includes a first visible indica 
thereon which corresponds to a source indicator mark for a 
digital signature service, wherein each card includes machine 
5 readable data corresponding to an account number associated 

with the account of the individual customer; 



d) sending the cards to the individual customers; and 

10 e) enabling each individual customer to digitally sign an electronic 

document using any one of a plurality of automated transaction 
machines and one of the cards, wherein each automated 
transaction machine is operative to display a visual 
representation of the electronic document through a display 

15 device of the automated transaction machine, wherein each 

automated transaction machine is operative to cause the 
electronic document to be digitally signed through 
communication with the digital signature service, wherein the 
communication includes the account number read from the card 

20 by the automated transaction machine. 



25 



117. The method according to claim 116, wherein in step (e) each of 
the machines includes a second visible indicia which corresponds to a source 
indicator mark for the digital signature service. 

118. The method according to claim 117, wherein in step (e) the 
second indicia is displayed adjacent a fascia of the automated transaction 
machines, wherein the first indicia and the second indicia are visually similar. 
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1 19. The method according to claim 116, wherein in step (a) each 
digital certificate includes a public key that corresponds to a private key, 
wherein in step (c) the digital signature service is operative to cause the 
electronic document to be digitally signed responsive to the private key that 

5 corresponds to the public key of the digital certificate which is associated with 
the account of the individual customer using the machine. 

120. The method according to claim 116, wherein in step (e) the 
digital signature service is operative to access a private key associated with the 

10 account number read from the card, wherein the digital signature service is 
operative cause the electronic document to be digitally signed responsive to 
the private key. 

121 . The method according to claim 116, wherein in step (c) the cards 
15 correspond to financial account cards, wherein the accounts correspond to 

financial accounts. 

122. The method according to claim 121, wherein in step (e) the 
automated transaction machines are operative to cause processing fees to be 

20 assessed for the digital signing of electronic documents, and further 
comprising: 

f) enabling an entity that manages the financial accounts for the 
individual customers to receive at least a portion of the 
25 processing fees. 

123. The method according to claim 116, wherein in step (e) the 
automated transaction machines include digitizing signature pads, wherein the 
automated transaction machines are operative to include handwritten signature 

30 data captured with the digitizing signature pads in the electronic documents. 
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124. The method according to claim 116, wherein at least some of the 
automated transaction machines include cash dispensers, wherein the 
automated transaction machines that include cash dispensers are further 
operative to dispense cash. 

5 

125. The method according to claim 124, wherein in step (c) the cards 
correspond to bank cards, wherein the accounts correspond to banking 
accounts, and wherein the automated transaction machines include cash 
dispensers, and wherein the automated transaction machines are further 

10 operative to dispense cash withdrawn from the banking accounts. 

126. The method according to claim 1 16, wherein in step (a) the 
accounts correspond to digital safe deposit accounts, wherein in step (c) the 
cards correspond to digital safe deposit account cards. 



15 



WO 02/073341 



PCT7US02/06826 



1/11 



Certificate Authority 



30\ 



Host Banking 
System 




Data Store 



Digital Safe Deposit Accounts 
Electronic Documents — ■ — 

Private Key ■ — 

Digital Certificate ■ — ^ 

^62 

Financial Account Reference - 



-40 

.44 

^45 
h48 



16 

1 



Input Device 



Selection Buttons 
Keyboard 
Keypad 
Microphone 
Touch Screen , 
Biometric Scanner «/ 
Signature Pad 



Cash Dispenser 



Depository 



Software Components 



Terminal Control 
Software 

Digital Signature 
Software 



Floppy disk drive 
Hard disk drive 
Magneto optical 
Drive 

Flash memory drive 
CD-RW drive 
DVD RAM 
Tape Drive 
/L 



Communication Port 



'28 




z: 



Portable Store 


ge Medium 


Floppy disk 


Memory Stick 


Zip disk 


CD 


Jaz cartridge 


Mini-CD 


Flash memory 


DVD 


Smart Media 


Tape 


CompactFlash 


PC Card 



'36 



38 



Portable Computing Device 



Notebook Computer 
PDA 

Palm Device 
Mobile phone 



Network Storage 



Network Address 
URL 
FTP 
HTTP 



FIG. 1 



WO 02/073341 



PCT/US02/06826 



2/11 



Digital Safe Deposit Account 



Electronic Documents 
Private Key - 
Digital C 
Access Log 

Financial Account Reference ■ 



-40 



42 
44 
45 

N 48 




Network Storage 



FIG. 2 



WO 02/073341 



PCT/OS02/06826 



3/11 



18- 



□ 
□ 
□ 
□ 
t 

52 102 

FIG. 3 



4^ 



.100 



Please select a function 

<- Withdrawal -1 04 □ 

<-- Deposit — — ^106 □ 

<-- Transfer — — ^ 1 08 □ 

<--View Document -^110 □ 



18* 



□ 
□ 
□ 
□ 



Retrieve Document From: 

<--Digital Safe Deposit Account -> □ 

<-Zip Disk -126 124 □ 

<--Local Network -128 130 □ 

<--Secure Internet/Intranet Site^ □ 



4= 



122 

FIG. 4 



WO 02/073341 



4/11 



PCT/US02/06826 



18- 



□ 
□ 
□ 
□ 



^140 

j/ 

Select Document 

<--Auto Loan □ 
<-Property Deed □ 
<"Mortgage Contract □ 
<--lnsurance Policy □ 



43 



142 

FIG. 5 



18- 



□ 
□ 
□ 

□ 



Auto Loan: 

1997 Ford Escort 
Serial No.: 1234 
Miles: 50,000 
Price: $5,000 



43 



162 



160 



□ 
□ 
□ 
□ 



FIG. 6 



WO 02/073341 



PCT/US02/06826 



5/11 



18- 



□ 
□ 
□ 
□ 



170 

Auto Loan: 

<--View— -174 □ 

<— Digitally Sign — — - m □ 

<-SendTo— --178 □ 
<--Delete-v,80 □ 

t ' 

^— 172 

FIG. 7 



18- 



□ 
□ 
□ 
□ 



Send Auto Loan To: 



<— Digital Safe Deposit Account -> □ 

<-Zip Disk -ig6 194 □ 

<--Local Network -198 200 □ 

■-Secure Internet/Intranet Site ^ □ 



< 

— 

^-192 

FIG. 8 



WO 02/073341 



PCT/US02/06826 



6/11 



Server 



Private Key * 



FIG. 9 306 < 



Electronic 
Document 



^302 

308 

304 



ATM 



Electronic Document - 



Digital ^310 



^300 
306 



Server 

Encryption Algorithm • 



FIG- 10 322^ Hash 



K-322 

328 
324 



f J 



Digital ^300 



ATM 



One Way Hash Algorithm* 
Electronic Document 



^320 

334 

326 



FIG. 11 



Server 



Private Key 



V-342 
344 



ATM 



Electronic Documents 



^340 

348 

346 



350 



WO 02/073341 



PCT/US02/06826 



7/11 



ATM 

Electronic Document- 



406 



FIG. 12 



^^Electronic 

Document 



1^410 

Signature 



Smart Card 



Digital Signature Software* 
Private Key- 



"^402 

-408 
±404 



FIG. 13 




FIG. 14 



ATM 



Electronic Document 
(+ Digital Signature) 



444^ 



Key 



-440 

-448 
h446 



Smart Card 



Private Key - 



450 



"/-442 
= 444 



WO 02/073341 



PCT/US02/06826 



8/11 



Servers 1/^508 

Financial Transaction 
Processing System 
ATM Host Banking System 
Document Processing System 
Digital Signature Service/Network 
Storage Servers 



500 




527^ 



5*0 



□ 

□ 
□ 



Auto Loan: 




1997 Ford Escort 


MoveUP-> 


VIN: 1546AHHR8 




Miles: 50,000 




Amount: $5,000 


Sign-> 


Rate: 6.7% 


Move Down-> 


LendonBankA 





C524 

□ 

□ 



528 




WO 02/073341 



PCT/US02/06826 



9/11 



Prepare Electronic Document V600 



Save Electronic Document 
To Storage Location 



Swipe Card through Card 
Reader of ATM 



Read Financial Account 
Number From Card 



Input PIN Into ATM 



Ir608 



Retrieve Electronic Document 
From Storage Location 


/-BIO 




t 




Output Electronic Document 
Through ATM Display Device 


A612 




' 




Input Command to Mate 
Digital Signing of Document 


/*614 




r 




Input Confirmation that 




to be legally b 


nding signature 




> 






Digitally Sign Electronic 
Document with Private Key 
Associated with Financial 
Account 





Send Signed Electronic 
Document to Specified 



Charge Processing Fees to 
a Party Associated with the 
Electronic Document 



|/*620 



l/*622 



FIG. 17 



WO 02/073341 PCT/US02/06826 

10/11 



700 



Bank A 



Financial 
Accounts 



1^702 



706 



BankB 



Accounts 



1^704 



-708 



Digital Signature Network 



1^710 



712- 



714' « ATM 



r718 

O 



ATM ATM ATM 



716 



FIG. 18 



11/11 



y 

Auto Loan: 

I confirm that the digital signing of this 
document is intended to create my 
legally binding electronic signature. 

<~YES NO--> 



FIG. 19 



